English (US)
Deutsch
Español (América Latina)
Français
Português (BR)
Log inTry it free
Knowledge Base
Status
Contact Support
Knowledge BaseStatusContact Support

Knowledge Base

Knowledge Base/Privacy and security/Security features/Single sign-on (SSO)

Topics
Setting up SSO
Granting user access
Deactivating a user

Single sign-on (SSO)

JT
Jenny Takahara, November 22, 2022
Note: The single sign-on feature is one of the many useful features of Pipedrive’s Essential, Advanced, Professional and Enterprise plans.

If you have a big Sales team, you know the administrative pain of creating multiple new accounts every time someone joins your team.
To help you cut back on onboarding time and overheads, we have single sign-on – or "SSO" – in the Essential, Advanced, Professional and Enterprise plans of Pipedrive.

If you are just getting started with Pipedrive, you can check out our "Get your team on board" Pipedrive Academy course.

Setting up SSO

An account with SSO enabled means you only have to create one set of logins for your users. You can set up an account for them in your own system and they'll automatically have login credentials for Pipedrive, saving your team time and effort.

Note: Setting up SSO requires some technical expertise, so we suggest speaking to your internal IT teams for their assistance in providing the necessary information for the SAML configuration.

To configure their SAML settings for single sign-on, admin users can go to Settings > Single sign-on in their company Pipedrive account. You'll need to enter some keys that your internal IT team should be able to locate for you, then you're all set – it's really that simple!

Screen_Shot_2020-08-25_at_4.38.37_PM.png


Once you have tested the provided information and confirmed that it works, simply click the "Enable for users" toggle. The information will need to be copied over to your SSO provider. We have more information on how to set up SSO for the most popular SSO providers here:

If you would like the added security of disabling password access to Pipedrive and relying on SSO alone, simply click the "Enforce SSO login" toggle.

Granting user access

You will first need to give the user access to Pipedrive in your SSO provider's (e.g., Okta) settings. The user will then be able to log in to Pipedrive using SSO. If the user already was active in Pipedrive with the same email, a regular user verification flow will be done.

Logging in and logging out

To log in to Pipedrive with SSO, go to app.pipedrive.com/auth/sso. Clicking "Log out from Pipedrive" will only log you out from Pipedrive and not your SSO provider.

Deactivating a user

When deactivating a Pipedrive user through your own SSO system, we suggest keeping the following things in mind:

  • Deactivating a user disables their login credentials. You will continue to pay for the user and the seat, so if you don't intend to replace that user, make sure to remove the seat as well to avoid any unexpected surprises on your invoice.
  • While the user's login credentials will be disabled, they will still be able to access their account for up to thirty days if they remain logged in. To prevent any issues, we suggest ensuring that users log out of Pipedrive and are deactivated in Pipedrive when you deactivate their login credentials through your own SSO system.

Note: The single sign-on feature does not work alongside Pipedrive's two-factor authentication function.
Was this article helpful?

Yes

No

Related articles

Got any questions?

Contact us