For easier and more secure access to your dashboards, Geckoboard provides Single Sign On (SSO) authentication via both OAuth (G Suite) and SAML (Okta, OneLogin, Microsoft Azure AD and more).
SAML and OAuth are security standards for logging into applications. Single Sign On (SSO) allows users to log into many applications or websites via one set of login details.
When enabling SSO, you'll have to restrict your emails to a maximum of two domains but ideally just one (e.g. my-company.com). This ensures that all emails of these domains (email@example.com) will be authenticated by your SSO.
Benefits of using SSO include:
- Increased security and less risk of accounts being compromised
- Reduced password fatigue or forgetfulness from managing different user name and password combinations
- Reduced time spent entering passwords
- Simplified authentication by using your known system across your company
What Identity Providers (IdP) does Geckoboard support?
Geckoboard SSO works with all popular Identity Providers (IdP) that support the SAML protocol, including Okta, OneLogin, Microsoft Azure AD, etc.
How do I set up a SSO access for my Geckoboard account?
Your Account Owner can request SSO by getting in touch with our team.
Once enabled, all users in the organization must use SSO to log in.
Your email address in Geckoboard must exactly match your email address used for SSO. For example, if your
firstname.lastname@example.org in Geckoboard, but
email@example.com with your SSO provider, you won’t be able to log in with SSO. If this is the case, let us know and we can make the change.
We can also support organizations whose users have email addresses that span multiple domains.
How do I disable SSO access?
Your Account Owner can request to disable SSO for your organization by getting in touch with our team.
When SSO is removed from an organization, any users who were in the account prior to SSO being enabled will be able to log in using their old password. Any users added to the account after SSO was enabled will need to go through the reset password flow.