Too many passwords to remember, not enough pet names to use! WorkOS for SSO can help! If you are an Admin user, you can customize SSO options for your organization with a number of available identity providers, including Azure and Google. Then, users can enter the credentials associated with their identity provider to log into RaiseDonors and Virtuous, making it easier (and more secure) than ever to switch between products.
Before configuring WorkOS for SSO, you will need to reach out to your Customer Success Manager to set up your subscription. You must also have admin permissions to configure SSO.
Once You Are Subscribed
Once you have subscribed to WorkOS for SSO, you'll find a new tab under System Settings.
Once selected, you'll want to make sure your organization name and primary domain (what comes after the @ of your organization email: yourorgname.com) are included. To learn more about WorkOS, navigate here. Select the green Configure SSO button at the bottom.
Once you've selected Save and Continue, you'll be prompted to find your identity provider.
Note: the primary domain is what allows SSO to work when your team logs in to RaiseDonors. Please enter only your organization’s root domain. This can be found after the @ in the team email addresses (ex. raisedonors.com). Please do not enter anything additional, such as http:// or www.
Part of this configuration includes sharing tokens and URLs between WorkOS and your identity provider. You will be taken to a screen with further direction on how to initiate that share depending on the provider you selected.
Once you complete the sync, WorkOS will ask you to test your sign-in. From there, go into the Virtuous app and enter the email address associated with your provider. You will be redirected to your provider to fill out your other credentials. After you enter them correctly, you're in!
Directory Sync
Enable Directory Sync with WorkOS to integrate real-time activation and deactivation of your users. With another straightforward setup you can connect RaiseDonors to your user directories, keeping us informed of any changes to your users.
A Few Other Notes
- If you forget your password, you will need to go through your provider to reset.
- Your login credentials should also work for the Virtuous CRM.
- Users will still need to be invited to RaiseDonors before they can log in using credentials associated with your provider. Be sure to invite them with the email address associated with your primary domain and provider.
Identity Providers You Can Use
- AD FS SAML
- ADP OIDC
- Auth0 SAML
- Azure AD SAML
- CAS SAML
- ClassLink SAML
- Cloudflare SAML
- CyberArk SAML
- Duo SAML
- Generic SAML
- Google OAuth
- Google SAML
- JumpCloud SAML
- Keycloak SAML
- LastPass SAML
- Microsoft OAuth
- miniOrange SAML
- NetIQ SAML
- Okta SAML
- OneLogin SAML
- OpenID Connect
- Oracle SAML
- PingFederate SAML
- PingOne SAML
- Shibboleth Unsolicited SAML
- Shibboleth Generic SAML
- SimpleSAMLphp SAML
- VMware Workspace One SAML