SSO is a security framework that allows your users to authenticate to multiple applications, including Omega Point, using one set of login credentials. An additional benefit of using SSO through one of our supported providers is the ability to use that provider's built-in two-factor authentication (2FA).
Omega Point has integrated SSO services through Microsoft Entra ID, Okta, and Google. If you would like to set up 2FA/MFA without using SSO, please read this 2FA article instead.
If you are interested in enabling SSO on your OP account, please send an email to [email protected] with the following information:
1. Account Admin Email
   The account administrator's responsibility will be to approve and rescind users' ability to sign in to Omega Point.
2. Confirm existing SSO and identity management services.
   Determine if Okta, Google Apps or Microsoft Entra ID* SSO is enabled within your organization.
3. Determine which domain is to be configured. Typically this is the part after the @ in your email address. Advanced users may have a different domain associated with SSO.
4. If this is a new account, send an initial list of user names and emails to Omega Point to add.
Once Omega Point receives this information, we will work with you to configure your login workflow onto the Omega Point platform.
The account administrator receives an SSO login email and is approved.
All other users receive an email to sign in to Omega Point using SSO.
*If your identity provider is Azure AD (cloud-based), please see below for additional details.
Additional Details for Microsoft Entra ID SSO
* Azure AD is now known as Microsoft Entra ID *
Follow these steps if using Microsoft Entra ID:
1. Confirm existing Microsoft Entra ID SSO and identity management service.
2. Follow Steps 1-4 from above.
3. Report and monitor sign-ins using the Azure AD Portal. More info at https://learn.microsoft.com/en-us/entra/identity/monitoring-health/concept-sign-ins
Troubleshooting initial configuration
Microsoft SSO has a few associated options that may interfere with the Omega Point SSO integration. If you use Microsoft Entra ID, we need to know ahead of time whether A) your Microsoft Entra ID configuration allows users to add applications to the tenant, or B) this must be done by the Microsoft Entra ID administrator.
By default, Microsoft Entra ID options include:
- Users can consent to apps accessing company data on their behalf: YES
- Users can register applications: YES
Here's an article from Microsoft if these configurations are set to NO: https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/configure-user-consent?pivots=portal#grant-admin-consent-to-enterprise-apps-in-the-azure-portal