Single Sign-On (SSO) is a method of authentication (signing in to a service) that companies have adopted over the years as it centralizes the security for IT administrators. IT admins can use a single portal for controlling their employee's access. In large corporations, this is ideal because new employees that join their company often need access to multiple software services. But, having the new employee sign up for each service on their own can be cumbersome and time-consuming. SSO centralizes the process by allowing an IT admin to give access for a new employee to multiple services at once through a single sign-on profile.
Supported SSO methods
InVision supports SSO via SAML—including SAML with Google Cloud.
SAML lets users sign in after successfully authenticating against your SAML identity provider and will also automatically create an account upon sign-in if one doesn't exist. The most common types of SAML implementations we support are via 3rd party vendors like OneLogin or Okta, but you can also integrate Active Directory with InVision via SAML using ADFS. We also support any IdP that properly conforms to SAML 2.0.
What to know before setting up SSO
There are a few important things to note about our SSO implementation:
SSO is an Enterprise exclusive feature
SSO is only available to Enterprise companies at this time. If you're not a member of an Enterprise you will not be able to have SSO enabled for your InVision account. This also means that SSO won't apply when you sign in via https://login.invisionapp.com as it only applies to your Enterprise subdomain.
Setting up SSO
If you're setting up SAML SSO, please refer to the following documentation:
- SSO - Configuring Okta for use with InVision
- SSO - Configuring OneLogin for use with InVision
- SSO - Configuring ADFS for use with InVision
- SSO - Configuring SAML with Google Cloud Credentials for use with InVision
- SSO - Configuring Microsoft Azure for use with InVision