For partners subscribed to Basic with SSO 2021, Select with SSO 2021, and Enterprise plans.
With this account settings update, if you have an Administrator role in your IT Glue account, you can now configure authentication settings to only allow users to log in to IT Glue by using your SSO provider. You can set this up by enabling the Enforced SSO Logins feature. Enforced SSO applies to IT Glue web browser extensions and mobile apps (on iOS and Android).
Note: Compare the list of users in the SSO directory with IT Glue users and ensure anyone who does not exists in the SSO Directory are added to the directory.
Important note: IT Glue accounts with SSO enabled, but not enforced when using subdomain.itglue.com will have the option of both SSO login and local credentials.
- Navigate to Account > Settings > Authentication.
- Navigate to either the SAML SSO or JWT SSO settings based on how you enabled Single Sign On.
- Enable the option Enforce SSO Logins.
- (Optional) To override and allow specific users to log in without SSO, please search and select users. These users will be able to use the override links to bypass SSO.
As of September 28, 2023: A user on the override list will always be required to log in through SSO, unless the user selects the following links based on their datacenter location:
The preceding links work only on the web app and will not work on the mobile app or the browser extension.
- NA: https://subdomain.itglue.com/?sso_disabled=true
- EU: https://subdomain.eu.itglue.com/?sso_disabled=true
- AU: https://subdomain.au.itglue.com/?sso_disabled=true
- Click Save.
Note: If the sole Administrator of an IT Glue account is locked out due to an SSO issue and Enforced SSO is on, then they can raise a support request and upon successful verification, we can:
- Disable Enforce SSO or
- Add them as an SSO Override user, making the above override links their only way to log in to IT Glue.