Egnyte can integrate with all major Single Sign-On (SSO) providers. Any identity provider using SAML 2.0 and can be configured to provide access to Egnyte's Web UI, Mobile Apps, Desktop App, and Outlook. Below is a list of some of the common SSO providers and supported features.
Web UI | Mobile | Desktop App |
Office Add-in |
Import Existing Users to Egnyte |
|
OneLogin | ✔ | ✔ | ✔ | ✔ | |
Okta | ✔ | ✔ | ✔ | ✔ | ✔ |
AzureAD | ✔ | ✔ | ✔ | ✔ | ✔ |
ADFS | ✔ | ✔ | ✔ | ✔ | ✔ |
✔ | ✔ | ✔ | ✔ | ||
Ping Identity | ✔ | ✔ | ✔ | ✔ | ✔ |
Centrify | ✔ | ✔ | ✔ | ✔ | ✔ |
Oracle Identity Cloud Service | ✔ | ✔ | ✔ | ✔ | |
AuthAnvil | ✔ | ✔ | ✔ | ✔ | |
SecureAuth (ldP) | ✔ | ✔ | ✔ | ✔ | |
SecureAuth (SP) | ✔ | ✔ | ✔ | ✔ | |
RSA | ✔ | ✔ | ✔ | ✔ | |
Watchguard | ✔ | ✔ | ✔ | ✔ | |
Other SAML 2.0 vendors* | ✔ | ✔ | ✔ | ✔ | N/A |
* Contact Egnyte support if your SSO provider is not on the list above. We can work with any SSO provider that is SAML 2.0 compliant.
Google SSO
As an alternative to SAML providers, we also support Google SSO which is different from other providers. There are no special configuration requirements outside of setting the Single sign-on authentication setting to Google Apps in Egnyte. As long as the email address of the user in Egnyte corresponds to a Google account (this includes gmail.com and Google Apps email addresses) and their authentication type in Egnyte is set to 'SSO', they can sign in to Egnyte using Google.
Limitations
- External authentication via SSO is only available for Admins and Power Users.
- Only a single SSO configuration can be enabled at a time. Adding multiple SSO sources to one Egnyte domain is not currently supported.
Non-SSO Passwords
In some cases, a non-SSO password is needed to access applications such as FTP, SFTP, and Public API, that do not support SSO login.
- Non-SSO passwords cannot be used to log into the Egnyte Web UI, desktop, mobile, or other Egnyte applications.
- Any SSO-authenticated user can set a non-SSO password unless it is explicitly disabled for the domain by contacting Egnyte support.
- Domain admins are not notified when a user sets up a non-SSO password.
- With a non-SSO password, the end users are not required to authenticate using TSLV during login.