Learn answers to common questions regarding Apricot Federated Single Sign-On (SSO).
Q: Is SSO available in my country?
SSO is available for Apricot users in the United States, Canada, and Australia. Only administrators can access the Manage Federated SSO page in Apricot.
Q: Is SSO the same as two-factor authentication?
SSO itself is not a two-factor authentication system, but it can work with an Identity Provider (IDP) that supports multi-factor authentication (MFA). MFA for SSO users must be done through an IDP, as MFA through Apricot is not supported.
Q: What protocols or standards are supported?
Apricot Federated SSO only supports SAML 2.0 protocol.
Q: Can we create our own custom login URL?
Currently, we do not have the option for organizations to create their own login URL. or use a custom subdomain.
Q: Does adding a user to my Identity Provider (IDP) also add the user to Apricot?
No, an Apricot administrator must add the user account and user permissions in Apricot separately from the IDP.
Q: What do I do if I have two databases to log into (ex. a live database and a Sandbox)?
Each Apricot environment must have its own SSO configuration and unique SSO login URL. Users will not be able to log in to both environments with the same login URL.
Q: Can administrators grant standard users access to manage SSO?
Advanced Access Control user settings in Apricot do not apply to the Manage Federated SSO page.
Q: Are guest users supported in SSO?
Yes, guest users may log in to Apricot through SSO if they can authenticate their credentials through your IDP.
What else do you need help with?
Not what you're looking for? Navigate to overview