Setup for SSO scenario

First, IES admin has to order as many SSO licenses as many users will use IPI Authenticator.

Administrators can log into the IES service and use the SSO service by default, but employees with user accounts cannot, so they first must have an explicit permission of the administrator:

Select an employee and click the 'Edit' button.
Then click the 'Enable SSO' button at the opened page to give the permission.

If you want to require IPI Authenticator as a second factor, check the "Required Two Factor Authentication" box and then click the "Enable" button.

If you want to allow user use passwordless authentication with the IPI Authenticator, don't do it, just click "Enable" button.

Enabling SSO for new employee

Also, you can enable SSO and the second factor for the user during the employee creation on the “Single Sign On” step:

PreviousNext steps NextUser guide

Last updated 9 months ago