What is Single Sign On (SSO)?
Single Sign-On (SSO) is a secure and convenient authentication method that allows users to access multiple applications using a single set of credentials. Instead of creating and managing separate usernames and passwords for every service, users can log in using their existing corporate identity—such as their Microsoft Entra ID (Azure), Google Workspace, or another supported SSO provider.
When SSO is enabled in the SecurityHive Platform, users can authenticate through their organization’s centralized identity provider. This means:
Simplified login experience: Users sign in with one familiar account—no need to remember another password.
Improved security: Access is controlled through your organization’s identity provider, including support for multi-factor authentication (MFA) and access policies.
Centralized user management: IT teams can manage access and permissions from a single directory, making onboarding and offboarding more efficient.
By connecting your SSO provider to SecurityHive, your organization can streamline access while maintaining robust security and centralized control.
Supported Providers
Microsoft Entra ID (Azure)
Google Workspace
Please contact us for other or customized providers.
Configure SSO for your account
Before you're able to use SSO, you'll need to connect your account. First, login to the SecurityHive Platform using your "normal" credentials (email/password).
Navigate to your profile by clicking the icon on the upper right corner of your screen.
Switch to tab "Security".
You'll see a section called "SSO authentication". Click on the provider you'd like to connect.
You'll get redirected to your provider to authenticate and will return back to the SecurityHive platform automatically.
Your SecurityHive account is now connected to your SSO provider and you can use your SSO provider to login on your next visit.
Disconnect SSO provider for your account
You may want to disconnect the SSO provider coupled with your account. If so, a button called Disconnect will appear in the same location you've used to connect your provider (see previous step).
Enforce a SSO provider for the whole organization
As an organization administrator, you may choose to enforce a specific SSO provider for all users within your organization. This ensures that all authentication is managed centrally through your identity provider.
To configure a Single Sign-On (SSO) provider for your organization:
Navigate to Organization Settings
Click the Organization icon in the menu on the left side of your screen to open your organization's settings.Select an SSO Provider
In the SSO Provider section, choose your preferred identity provider (e.g., Microsoft Azure AD, Google Workspace).Optional vs. Enforced SSO
If no provider is selected, users may individually connect their own SSO account, but they will not be required to do so.
If a provider is selected, all users within the organization will be required to log in using that SSO provider. Traditional email/password logins will be disabled for them.
This configuration ensures a consistent and secure authentication flow for all users in your organization.
Restrictions
If a SSO provider is connected, users won't be able to authenticate with email/password credentials. Only the configured SSO provider can be used.
If a SSO provider is enforced for an organization, users without a provider connected will be redirected to connect with the provider.
SecurityHive's 2FA/MFA won't be enforced/prompted once a SSO provider is connected. SecurityHive will rely on your SSO provider's authentication result.
The email address of the SSO provider's account MUST match the email address of the user in the SecurityHive Platform.
Users can't disconnect their SSO provider if a SSO provider is enforced for the whole organization.