Home
New To Everflow
Platform & Account Management
Single Sign-On (SSO)
Single Sign-On (SSO)

SERIES:

Single Sign-On (SSO)

Learn how Everflow's Single Sign-On (SSO) feature enhances security and simplifies access to the platform.

Overview: What is Single Sign-On (SSO)?

Single sign-on is a simple login system that lets you access multiple connected services with one set of credentials. Once you sign in, you can use all connected applications without logging in again.

It works with popular systems like Google Workspace and Azure AD, making it easier for organizations to manage user accounts securely in one place.

Key Benefits

Benefit Description Robust security Ensures only authorized members with company-managed email addresses can access your connected applications Helps protect against unauthorized access by external parties Maintains a secure environment for your sensitive data Gives you greater control over who can access your accounts and data Once you're logged in via SSO, you won't need a separate Everflow login Efficient account management Lets you manage accounts from a single, centralized location (e.g., Google Workspace console) Streamlines your account management process, saving time and reducing errors Allows you to deactivate accounts in one place, automatically revoking access to all connected applications Maintains the security and integrity of your organization's information Your external provider controls login sessions across connected applications Improved user experience Gives you seamless access to multiple applications without remembering separate login credentials Helps you navigate easily between connected applications, saving time and increasing productivity Reduces frustration and enhances your overall satisfaction Makes it easier for your team to perform their tasks efficiently

Setup Process

Involves close collaboration between Everflow and your organization Reach out to Customer Success to begin your setup - please include authentication credentials for speedier setup

Supported Providers

Ready to use with Google Workspace and Azure AD Can integrate with Okta and other popular providers at your request Offers flexibility for your organization to adopt SSO seamlessly Contact Customer Success to explore additional provider support for your needs

External Identity Providers (Social Login)

In addition to Single Sign-On, Everflow supports External Identity Providers - sometimes called "Social Login." This is the familiar "Log in with Google" option you see across many websites. Everflow currently offers the "Log in using Google" option.

Social Login lets users sign in using the credentials of an account they already have, reducing the friction of creating and remembering yet another password. It can also improve security, because Google has strong measures in place to prevent accounts from being compromised, and users tend to notice suspicious activity on their Google accounts quickly. In effect, the responsibility of authenticating the user is delegated to a trusted third-party provider.

How to Enable External Identity Providers

Go to Admin > Settings > External Identity Providers Select edit, then enable the provider you want to offer

Identity Providers (IDP) vs. Single Sign-On (SSO)

While both features rely on external providers, they serve different purposes and behave differently. The key distinction is around control of login sessions and account deactivation.

Single Sign-On (SSO) External Identity Provider (Social Login) Best for Corporate environments that want centralized account management and stronger organizational security Anyone with an existing social/Google login who wants a faster, more convenient sign-in Who it applies to Only makes sense for Network users in an account Makes sense for all user types - Network, Affiliate, and Advertiser Login session control The external provider controls login sessions across connected sites (logging out of your provider can log you out of Everflow) The external provider does NOT control sessions on other sites (logging out of Google will not log you out of Everflow) Deactivating a user Deactivating a user in your central system automatically revokes their Everflow access The provider only matches the email address - to deactivate a user you must do so in both Everflow and the external platform

Enforcing SSO Network-Wide

A network can enforce SSO for its Network users, which disables password login entirely When SSO is enforced, a single identity provider must be chosen Enforcing SSO only makes sense for Network users - it is not intended for affiliate or advertiser users When any form of SSO is enabled, the login experience changes to a two-step flow: the email address is requested first, and the available login options are then shown dynamically based on that email