SSO Configuration
Enable secure, passwordless access to Truv using your company’s existing identity provider.
Truv supports Single Sign-On (SSO) using both SAML 2.0 and OAuth 2.0 / OpenID Connect (OIDC) protocols, enabling secure authentication through leading enterprise identity providers including Okta, Azure Active Directory, Google Workspace, Ping Identity, Auth0, and custom SAML providers.
Enabling SSO provides:
- Centralized identity and access management
- Real-time user deprovisioning
- Support for MFA policies enforced at the IdP level
- Compliance with state and enterprise cybersecurity frameworks
- Full audit logging of all SSO access events
Truv’s onboarding team will work directly with your IT administrators to assist with configuration, testing, and go-live.
Supported Protocols
1. SAML 2.0
Truv supports SAML 2.0 using:
- HTTP Redirect binding for SP → IdP
- HTTP POST binding for IdP → SP
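When testing the SAML connection, it helps to see what the HTTP Redirect binding actually carries from SP to IdP. The following is an added example, not Truv's code: it decodes the `SAMLRequest` query parameter (raw DEFLATE, then base64) and checks it against what the IdP administrator expects. The hostnames `idp.example` and `sp.example` and all function names are constructed placeholders, not Truv values.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlencode, urlsplit

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
POST_BINDING = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
MAX_XML = 64 * 1024  # cap inflated size so a hostile request cannot exhaust memory

def decode_redirect_request(url):
    """Decode the SAMLRequest parameter of an HTTP-Redirect binding URL."""
    query = parse_qs(urlsplit(url).query)
    if "SAMLRequest" not in query:
        raise ValueError("no SAMLRequest parameter in redirect URL")
    raw = base64.b64decode(query["SAMLRequest"][0])
    inflater = zlib.decompressobj(-15)  # redirect binding uses raw DEFLATE, no zlib header
    doc = inflater.decompress(raw, MAX_XML)
    if inflater.unconsumed_tail or b"<!DOCTYPE" in doc:
        raise ValueError("oversized request or DTD present")
    root = ET.fromstring(doc)
    issuer = root.find(f"{{{SAML}}}Issuer")
    return {
        "issuer": issuer.text.strip() if issuer is not None and issuer.text else None,
        "destination": root.get("Destination"),
        "acs_url": root.get("AssertionConsumerServiceURL"),
        "response_binding": root.get("ProtocolBinding"),
        "signed": "Signature" in query,  # redirect binding signs via query parameters
    }

def check_request(fields, idp_sso_url):
    """Return a list of mismatches against what the IdP admin expects."""
    checks = [
        (fields["destination"] == idp_sso_url, "Destination does not match the IdP SSO URL"),
        (fields["response_binding"] in (None, POST_BINDING), "response binding is not HTTP-POST"),
        ((fields["acs_url"] or "https://").startswith("https://"), "ACS URL is not https"),
    ]
    return [msg for ok, msg in checks if not ok]

def build_sample_redirect():
    """Constructed sample: an AuthnRequest encoded as the redirect binding requires."""
    doc = (f'<samlp:AuthnRequest xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}" ID="_c1" '
           'Version="2.0" Destination="https://idp.example/sso" '
           f'AssertionConsumerServiceURL="https://sp.example/saml/acs" ProtocolBinding="{POST_BINDING}">'
           '<saml:Issuer>https://sp.example/metadata</saml:Issuer></samlp:AuthnRequest>').encode()
    deflater = zlib.compressobj(9, zlib.DEFLATED, -15)
    blob = base64.b64encode(deflater.compress(doc) + deflater.flush()).decode()
    return "https://idp.example/sso?" + urlencode({"SAMLRequest": blob, "RelayState": "constructed"})
```

To inspect a real request, pass the redirect URL captured from the browser's network log to `decode_redirect_request` in place of the constructed sample.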
2. OpenID Connect (OIDC)
To configure OIDC, you will need:
- Issuer URL
- Client ID
- (Optional) Client Secret, depending on your provider’s configuration
3. Azure Active Directory
For Azure AD integrations, the following are required:
- Azure AD Domain
- Client ID
- Client Secret
Setting Up SSO Access
- Contact your Truv Technical Account Manager to request SSO enablement.
- Truv will generate a secure, self-service SSO setup link where your IT team can complete the configuration.
- Once your identity provider configuration is complete, notify Truv so we can validate the connection.
- Truv performs the final toggle to activate SSO for your organization.
- Confirm the configuration was successful: Truv will assist with validation - either on a short call for live production clients or via email for onboarding clients - to ensure SSO is working as expected.
End-User Experience
Once SSO is activated for your organization:
- Users will continue to access the Truv Dashboard using the same login URL.
- They will enter their work email address as usual.
- Instead of being prompted for a password, they will be redirected to your organization’s configured SSO provider (Okta, Azure AD, etc.).
- Any MFA or conditional access policies will be enforced by your identity provider.
- Upon successful authentication, users are automatically logged into Truv - no Truv-specific password required.
- If a user is deactivated in your identity provider, they will immediately lose access to Truv.