EchoSolv supports Enterprise Single Sign-On (SSO) to streamline and secure the login process for users. This article will guide you through enabling, managing, and troubleshooting SSO for your organisation.
Domain Configuration for Your Organisation
Our Product Support team typically configures domains associated with your organisation during onboarding. This ensures that users from your organisation can seamlessly use SSO to log in to EchoSolv. To enable Single Sign-On you must authenticate with the selected domain(s) you provided.
Enabling Enterprise Single Sign-On for Your Organisation
Organisation Admins can access the Single Sign-On options for their organisation.
Click the User Action Menu
Click Organisation Management
Click the Integrations tab
Click Enable Single Sign-On to be directed to the Microsoft Authentication area
Request approval from your Microsoft Entra admin
Once the request is completed click Go back to App
You will receive a toast notification in the Echo IQ platform saying 'The resource owner denied consent', this indicates that your IT admin needs to approve the request from Microsoft Entra (refer to Figure 1)
When your IT Admin has approved, click the Enable Single Sign-On button again to be directed to the Microsoft Authentication area and enter your details again
Once completed you will be directed to the Configuration Page to set up if you want to Allow users to Sign-Up via SSO automatically and click Enable
Your clinic's IT Admin will need to approve your SSO request via Microsoft Entra
Figure 1: IT Admin approving SSO for EIQ Application
Allow users to automatically Sign-up via SSO
Once SSO is enabled, your Organisation Admin can allow new users to sign-up via SSO with the same domain and select what role(s) they would like to assign these new users. For more information regarding each role, refer to our User Roles Explained article. The configuration area can always be updated to your preferences.
FAQ
What happens when SSO is enabled for an Organisation?
When SSO is enabled for an Organisation, all domains that are associated with that Organisation can sign in via SSO.
Can any Organisation associate SSO with a domain that has already been enabled or disabled for another Organisation?
No, if a domain has already been enabled or disabled for SSO by an Organisation, only that specific Organisation can associate SSO with that domain.
I see a 'User Management' option when I select roles. What does this mean?
This role should currently be ignored in the SSO configuration area.