Search

Configuring Single Sign-On (SSO) with Functionize

Overview

Functionize supports Single Sign-On (SSO) to streamline secure authentication for your organization. We support both SAML 2.0 and OpenID Connect (OIDC) protocols from major Identity Providers (IdPs).

SSO configuration is a collaborative process that requires coordination between your organization's technical team and the Functionize Support team; it is not a self-service feature. The login flow is Service Provider (SP)-initiated, meaning users must begin the login process from the Functionize login page.

How It Works

Follow these steps to set up SSO for your organization:

  1. Contact Functionize Support

    To begin, contact the Functionize Support team at support@functionize.com to initiate the SSO setup process.

  2. Provide Initial Details to Functionize

    Your team will need to provide the following information:

    • Identity Provider (IdP): The name of your IdP (e.g., Okta, Azure AD).
    • Protocol: The protocol you will be using (SAML 2.0 or OIDC).
    • Email Attribute: Confirmation that your IdP sends the user's email in one of the following formats: email, user.email, or NameID. The email address must match the user’s Functionize login email exactly.
    • Technical Contact: The name and email address of the person responsible for managing your IdP configuration.

  3. Configure Functionize in Your IdP

    Use the following values to configure Functionize as a Service Provider (SP) in your Identity Provider. Replace [companyname] with your company name in all lowercase letters with no spaces (e.g., google).

    • Assertion Consumer Service (ACS) URL: https://functionize.us.auth0.com/login/callback?connection=[companyname]
    • Entity ID: urn:auth0:functionize:[companyname]

  4. Provide Metadata to Functionize

    After configuring the application on your IdP, share the required metadata with the Functionize Support team.

    • For SAML: Provide the Metadata XML file or Metadata URL.
    • For OIDC: Provide the Issuer URL, Client ID, and Client Secret.

  5. Finalize Setup and Log In

    The Functionize team will use your metadata to complete the configuration. After setup is complete, your users can log in using the Login with SSO option on the Functionize login page.

Limitations

While Functionize Support will guide you through the SSO setup process, the configuration of your internal network, firewalls, and Identity Provider access policies is outside the scope of Functionize support. These systems must be managed by your own IT department. Your IT team may need to grant necessary access or allowlist Functionize IP addresses to ensure a successful connection.