Single Sign-On (SSO) is an authentication mechanism that allows a user's identity to be managed by a single, trusted identity provider through which the user can access multiple service providers. SSO is rapidly gaining popularity both for security and compliance purposes, and to improve user experience in an increasingly complex applications and services environment.
When your users have multiple apps and services to navigate, SSO helps keep it safe and simple.
Files.com integrates with the most popular SSO providers. Always a leader in security and integration practices, we understand that our service must play well with others.
SSO integrations are available on Power and Premier plans. Each of our SSO-enabled plans carries different SSO capacities and options, so please review each plan to determine which best fits your needs.
Supported SSO Providers
Files.com integrates with the following SSO providers.
Several SSO integrations will also support user and group provisioning as configured by the SSO provider application.
Enabling SSO Providers
You can add as many providers as you wish.
To add a provider, log in as an administrator and navigate to Settings > Security, click the SSO Providers setting, and then click the Add provider button.
A table of the various options will appear. Click on the logo of the provider desired and then click the Save button. The new provider will be added to the table of enabled providers. You can also disable any enabled SSO providers from this table.
Auth0, Microsoft Azure and Okta require additional configuration to complete the initial setup. Please reference the provider's support documentation to locate your Subdomain, Client ID and Client Secret.
Additionally, Auth0, Microsoft Azure and Okta support advanced provisioning options. Click on Advanced to expand the configuration settings and configure the provisioning settings.
Assigning user SSO methods
After an SSO provider has been enabled for a site, site administrators grant SSO access on a per-user basis. Granting this access can be performed when creating a new user or by modifying an existing user's settings.
To assign an SSO method for an existing user, navigate to Settings > Users and click the username of the user. Next, click Authentication Method and select the desired SSO provider from the dropdown list.
Finally, click Save to apply the setting.
Site administrators can change or remove the user's ability to authenticate via SSO at any time by selecting Password from the dropdown list.
Logging in with SSO
Once you have enabled an SSO provider, a Sign in with... button for that provider will appear on your site's login page. Users are able to click the appropriate service button to be authenticated via the external service and redirected to their Files.com account.
When logging into Files.com using the SSO provider for the first time, users will be prompted to authorize the connection of their provider account with Files.com.
If a user does not have a current session with the SSO provider, they will be prompted to log in to that provider's service before the Files.com authentication is verified.
Frequently asked questions
How do I disable a provider?
To revoke an SSO provider, site administrators must first change all users authentication method that are currently set to use the service. You can quickly identify any users set to this service by scanning the AUTHENTICATION METHOD column of the user list.
Once all users have been modified, click on Settings > Security > SSO Providers and click the Delete button in the provider row.
Can I use SSO with FTP/SFTP/DAV?
Single sign-on authentication can only be used with browser-based sessions, or with the Files.com Desktop App. If the user requires access to FTP/SFTP/DAV connections, the authentication method must be set to Password or Active Directory/LDAP.
Does SSO work with the Files.com Desktop App?
Yes! We have designed the Files.com app to allow connecting with SSO user accounts. Follow the instructions to connect your account, and on the login screen click the SSO provider button assigned for that user.