top of page

X-Analytics SSO User Guide

Updated: Jan 26

Please use the below user guide to configure and manage Single Sign-On (SSO) for X-Analytics within your organization. You can use the below table of contents to navigate to particular areas of reference within the guide.


SSO configuration


SSO can be configured on the organization management page. Permissions to configure SSO for an organization are granted to users with the organization admin role assigned to this organization.


Subscription


SSO configuration is available for selected subscription tiers. Users can add SSO login method to their organization if they have one of the following subscription tiers:

  • Enterprise

  • Private Equity

Before configuration, the SSO method will be visible on the list with the status 'inactive'.



The SSO login method is not available for subscriptions:

  • Core

  • Professional


The SSO method is visible on the list of possible login methods, but it is grayed out and its status is 'not included'. In this case, SSO cannot be configured.


SAML


You can access SSO configuration by clicking the action menu next to the SSO login method. In the configuration window you can select Authentication Protocol: SAML. Then provide:

  • Provider Name

  • Identity Provider Entity ID

  • SSO URL

  • Certificate

  • Service Provider Entity ID




The last field contains the Authorization Callback URL, which is required in your SAML app configuration.


OIDC (OpenID Connect)


After opening the configuration window, select OIDC in the Authentication Protocol field. Then complete the fields:

  • Select Provider Name

  • Custom Provider Name

  • Client ID

  • Client Secret

  • Issuer URL




In this case, there is also an Authorization Callback URL at the end, which needs to be entered in your OIDC app configuration.


How to find data from SSO provider required for configuration


Google

You can find information about creating Google integration in the official documentation: Set up SSO for your organization - Google Workspace Admin Help


Azure Entra

You can find information about creating Azure Entra integration in the official documentation: Add an OpenID Connect-based single sign-on application


Okta

You can find information about creating Okta integration in the official documentation:


Custom


To configure a provider not listed above, search for “OIDC app configuration”, “Integration configuration” or “SAML configuration” in the documentation of your provider.


Select "Custom" for the provider and provide the required information for configuration related to your service as specified above.


SSO reconfiguration


If incorrect data is entered or if data needs to be updated, SSO can be reconfigured. To do this, click on the action menu next to the SSO login method and select reconfigure.



After making changes, click the 'Reconfigure SSO' button to save the changes. The process can be interrupted without saving any changes by clicking the 'Cancel' button.


Inviting users with SSO

When SSO is enabled for your organization, you can choose SSO as the login method when inviting a new user. To do this:

  1. Click the invite users icon,

  2. enter email address,

  3. choose role,

  4. select login method,

  5. click the plus icon,

  6. repeat steps 2-5 if you want to invite more users,

  7. click send invitations.




Invited users will be able to log in using SSO.


Changing user’s login method


To change the active user's login method:

  1. Find the users table

  2. Select the user whose login method you want to change

  3. Select Edit user from the action menu

  4. Change log method

  5. Save

The selected user will now be able to log in via SSO.


Register with SSO


The user receives an invitation to the application by e-mail. After clicking on the link in the email, the user will be redirected to a form in which he must provide basic data, accept the terms and conditions and privacy policy, and configure MFA. After setting up MFA, the user also receives the recovery code needed to reset MFA if they wanted to set it up again.


Login with SSO


After registration, the first login via SSO is as follows:

  1. The user goes to their organization's login page.

  2. The user clicks the Login with SSO button.

  3. A pop-up appears allowing user to log in with the provider selected for his organization

  4. After successful authentication, the user enters the MFA code.





After completing these steps correctly, the user will be logged in to the application.


Deactivating SSO


To deactivate SSO, click on the action menu next to the SSO login method and select deactivate. Once you confirm your choice, the SSO login method will be deactivated and you will no longer be able to log in to your organization using SSO. The SSO status will be inactive on the list of possible login methods. After deactivation, SSO can be configured again.



If you have any difficulties or questions, please, contact the support team for assistance at support@x-analytics.com.



205 views
bottom of page