Google Single Sign-On is a secure authentication system that reduces the burden of login for your users, by enabling them to sign in with their Google account. No need to remember your password anymore!
To enable it follow these steps:
First, click on your profile picture at the top right corner, and select "Administration."
Once you are on the admin section, select "Security". Expand the "Authentication policies" section and select "Add SSO policy." Here, you can choose a name for your policy, which will be displayed on the login page. Next, select "Google" from the list of SSO providers and click "Add SSO provider".
Admins have better flexibility in managing login policies with the ability to customize the email and password policy. This setting makes it easy to exclude specific users from the SSO requirement, offering a flexible solution to adapt login preferences to your team’s unique needs.
When clicking on the three dots next to the "Email and password" section and choosing "Edit", the admin can select the policy members, meaning they can define who the email and password policy applies to—everyone or only some people (e.g., guests, a single user).
Before activating SSO, the email and password policy cannot be modified. By default, after SSO is activated, the email and password policy changes from "Everyone" to "Guests."
There are two options in the email and password policy section:
Option 1: All users (including guests) can log in to monday.com using the email and password policy.
Option 2: Only some people (guests, single user, or both) can use the email and password policy to log in to monday.com.
Choosing "Guests" under "Only some people" would mean that guests can log in using the email and password policy (not only SSO). This is the most commonly used policy option since oftentimes guests are external users not managed by an organization's internal IT.
Choosing "A single user" under "Only some people" would mean that only one chosen team member can log in using the email and password option (not only SSO).
If applicable to your company’s security policy, we recommend using the "Guests" or "Guests and a single user" options under "Only some people" policy members. This means every user on the account, aside from guests and the designated single user, is required to log in using SSO. Guests can be invited to shareable boards and log in using an email and password as normal. In this case, guest emails do not need to be active in the account's IDP to log in. The single-user option provides additional flexibility, allowing one team member to log in using email and password for emergency access if needed.
Feel free to check out how to enable two factor authentication and the SAML on your account.
If you have any questions, please reach out to our team right here. We’re available 24/7 and happy to help.
Comments