Single Sign-On (SSO) allows users to log into Prodoscore using their corporate identity provider credentials instead of a separate Prodoscore password. This improves security, reduces password fatigue, and streamlines user management.
What Is SSO?
SSO is an authentication system where a user logs in once to their corporate identity provider (e.g., Microsoft Entra ID / Azure AD) and gains access to multiple applications, including Prodoscore, without re-entering credentials.
Traditional login: User types Prodoscore email and password → Prodoscore verifies credentials → User is logged in
SSO login: User clicks "Sign in with [Provider]" → Redirected to corporate login (e.g., Microsoft) → Corporate provider verifies credentials → User is redirected back to Prodoscore, already authenticated
Supported Identity Providers
Microsoft Entra ID (Azure AD): Full SSO support. See Microsoft Entra SSO (Azure AD) Setup for configuration steps.
Other SAML 2.0 Providers: If your organization uses a different identity provider that supports SAML 2.0 (Okta, OneLogin, Ping Identity, etc.), contact Prodoscore support for guidance. Configuration is possible but requires custom setup.
Benefits of SSO
- Better Security: Users don't create weak passwords for yet another app. Corporate identity provider handles authentication with stronger policies (MFA, password history, etc.)
- Easier User Management: When a new employee joins, add them to your corporate identity provider. No separate Prodoscore account creation needed.
- Faster Offboarding: When an employee leaves, deactivate them in your identity provider. They lose Prodoscore access automatically.
- Reduced Support Burden: Fewer password reset requests. Users use the same password as their corporate account.
- Compliance: Centralized audit logging of who accessed Prodoscore and when.
User Provisioning with SSO
Important: SSO handles authentication only. You still need to create users in Prodoscore (or use automated provisioning).
Workflow:
- New employee is added to your corporate directory (Entra, Okta, etc.)
- IT admin creates a Prodoscore account for that employee with the same email address
- Employee can now log in using SSO (corporate credentials)
Or, use automated provisioning (SCIM) to sync users from your identity provider to Prodoscore automatically. Contact support@prodoscore.com for SCIM setup guidance.
MFA (Multi-Factor Authentication) with SSO
If your organization requires MFA (e.g., Microsoft Authenticator, Duo, Okta Verify), users will be prompted for MFA when logging in via SSO. This is configured in your identity provider, not in Prodoscore. SSO inherits your identity provider's MFA policies.
Conditional Access
Some identity providers (like Entra) allow conditional access policies. Example: "Allow Prodoscore access only from corporate network or VPN." These policies are configured in your identity provider and automatically apply to Prodoscore SSO.
Getting Started with SSO
If using Microsoft Entra: See Microsoft Entra SSO (Azure AD) Setup for step-by-step configuration.
If using a different provider: Contact support@prodoscore.com to discuss your identity provider and initiate SSO setup. Prodoscore support will provide specific configuration details.
Common Questions
Q: Can I use SSO without SCIM (automated provisioning)?
A: Yes. You manually create Prodoscore accounts and enable SSO for authentication. When a user leaves, deactivate them in Prodoscore manually.
Q: What if I have multiple organizations / subsidiaries?
A: SSO is configured per workspace. If you have multiple Prodoscore workspaces, each can have its own SSO configuration.
Q: Can I mix SSO and password-based login?
A: Usually not. Once SSO is enabled, all users are required to use SSO. Some providers allow a grace period for migration.
Q: What happens if SSO fails?
A: Users see an error message. They cannot log in. If your identity provider is down, Prodoscore access is unavailable. Plan for this scenario.
Q: Is SSO more secure than passwords?
A: Generally yes, because your identity provider enforces stronger security policies. However, security depends on how well your identity provider is configured and maintained.
Troubleshooting SSO
See Microsoft Entra SSO Setup for troubleshooting guidance if using Azure AD. For other providers, contact support@prodoscore.com with details of the issue.
