Single Sign-On (SSO) Integrations in Supplios
Supplios supports Single Sign-On (SSO) integrations with a variety of Identity Providers. This allows your users to authenticate with a SSO / Identity Provider that your company already uses for user access control so users do not have to remember a separate password. This can enhance the overall security of the platform, while also being a more convenient way for your users to login.
Supplios can also integrate with Identity Providers to enable user sync or directory sync between your company directory and user in Supplios. This can enable user provisioning / de-provisioning (automatically adding/removing users from Supplios when the join/leave your company), automatic role and license mapping, etc. This directory sync feature can be enabled using SCIM, or via custom sync integrations.
SSO and user sync features are not available in all plans, so please consult your Supplios account representative for further information.
NOTE: SSO integration is not required. Supplios' built-in authentication system (based on email/password) utilizes modern best practices for security while still balancing ease-of-use for internal users and supplier users alike. Many customers do not implement SSO integrations. Also, SSO sign-in and built-in email/password sign-in can also both co-exist, either temporarily, or as a long-term solution.
Internal vs. Supplier User SSO & Multiple SSO Integrations
Each "host company" in Supplios add zero, one, or multiple SSO/Identity Provider integrations.
Also, each SSO integration can be configured to support internal users only, supplier users only, or both internal and supplier users.
The common use-cases for multiple SSO integrations are any of the following:
- Multiple SSO integrations for internal users, because different subsidiaries or geographic regions have their own user directory, and all of them should be integrated with Supplios
- One SSO integration for internal users and one or more (different) SSO integration for supplier users. This could be used if you already have a user directory of supplier users that you want to integrate with Supplios.
SSO / Identity Provider Integrations
The following providers are a partial list of integrations that Supplios can support.
Other options may be possible, as Supplios can integrate with most systems that support OAuth2 or SAML identity flows.
Supported integrations (partial list):
- Microsoft Entra / Azure AD (Active Directory) — see the setup guide here
- Google Workspace / Google
- Okta
- Salesforce
- Keycloak
- SAML
- OAuth2
- OpenID Connect
Recommended SSO Configurations
If you would like to use SSO / Identity Provider integrations, a common setup that we do with customers is to enable SSO for their internal users (with or without directory sync), then continue to use the built-in email/password authentication for supplier users. "Public" SSO options (Google, etc.) can optionally be enabled for supplier users, in addition to email/password for additional convenience.
In this arrangement, the login page has a "toggle" for internal and supplier users to select their user type, then they are presented with the relevant available login options.
This arrangement provides a good mix of convenience and security for internal users, while keeping things simple for supplier users.
If you have any questions about SSO and other login options, please contact our technical support team at support@supplios.com or contact your Supplios account representative.