An outline of the steps to configure your identity provider to work with the Join platform for single sign-on (SSO)
- Configure SSO for Join and submit your details to us
- Communicate the change to your users
- Enabling and testing the SSO connection
1. Configure SSO for Join and submit your details to us
If you would like SSO setup for your company, please complete the form linked below, which includes instructions for any pre-setup required for your provider. Once submitted, our Support Team will reach out to coordinate either addition configuration actions or the steps outlined below.
Join currently supports the following Identity Providers and Protocols:
- Microsoft Azure AD
- Google Workspace
- SAML 2.0
Note: Don’t see your identity provider listed. Please contact our Support Team as we continually evaluate which providers to support.
2. Communicating with your Join Users
We recommend notifying your Join users of the switch to single sign-on, as their login experience will look slightly different. They’ll typically no longer need to enter a password when accessing Join, as they’ll already be authenticated with your identity provider. You can find a list of your Join users in the Company Administration portal, and your Join admin will be able to help here.
Here’s an example email you can use:
At <insert time> on <insert date>, we will be turning on Single Sign-On (SSO) for Join.
After this date, when logging into Join after entering your email on the login screen, you may be redirected to authenticate with your <insert identity provider> credentials rather than your current Join password.
On most occasions, since you are already authenticated through SSO, you will only need to enter your email address on the login page to access Join.
Should you have problems logging in, you can reach out to the Join Support team at firstname.lastname@example.org.
Tip: Be on the lookout for users who may have changed their emails. It is likely that they are still using their old email address with Join, and when they log in via SSO, they will no longer have access to their projects. We can work with you to resolve this before enabling SSO.
3. Enable and test the SSO connection
When it is time to go live, our Technical Support team will flip the switch to enable SSO for your company. We’ll email you to let you know SSO is live and ask that you test logging into Join to ensure everything is working as expected.
Any individual within your organization can test, whether they have an existing Join account or not. If you don’t have an existing account, we’ll automatically create one as part of the authentication process.
Caution: Azure AD customers, if you have Admin consent requests enabled, an Azure admin will need to approve the app once the first user has initiated a login.