Single sign-on (SSO) is an authentication method that allows users to sign in using one set of credentials to multiple independent software systems. Using SSO means a user doesn’t have to sign in to every application they use.
WhenToWork’s IAM (Identity and access management) support follows the OAuth2/OpenID standard, as implemented by Azure AD (Entra ID) and Okta identity access management providers.
Configuration and setup is performed by a new “Tech” user type, presumed to be someone in your organization having expertise in Azure or Okta implementations.
Add A Tech User
A Tech user account can be created for anyone, including the current WhenToWork company Manager; however, SSO configuration capabilities are only accessible when signed in to the Tech user account.
Add a Tech user to your WhenToWork company account using the existing SETTINGS > Add/Edit Managers page:
- Login from your Main Manager account
- Navigate to SETTINGS > Add/Edit Managers
- Look for “Add Tech User“
- Provide First name, Last name and a valid email address.
- Click on “Add New“
- If “Email new tech user sign in instructions” is checked, login instructions will be emailed to the new tech user.
Sign In To Your Tech User Account
Sign in to your Tech user account using the WhenToWork standard sign in page.
Select the SSO tab under the SETTINGS top menu item.
If a SSO provider is not yet enabled, click on either “Enable Okta” or “Enable Azure” under “Enable Single Sign On” which will open the “Enterprise SSO Configuration” page.
This page supports all fields needed for SSO configuration; however, we recommend using the “SSO Setup Assistant” button which provides step-by-step instructions and incremental validation of SSO input values.
When your reach the end of the steps in the SSO Setup Assistant, your account should be ready for the Manager to begin provisioning employees from your selected IAM.
See the help page at SSO Mode Options for information which will help you select a Mode that best suites your organization’s SSO management and user provisioning needs.