Tray Platform / Accounts / Single sign-on

Single sign-on

To increase both usability and security for enterprise users, please note that it is possible to set up SAML-based single sign-on (SSO).

Using SSO with your Organization means that your team members won't have to keep track of their login credentials. They will be able to quickly and easily access the Organization's assets and you can be certain that anyone logging into your Tray.io Organization will be in line with your internal protocols.

There are a number of SSO authentication providers and Tray.io connectors to choose from (such as OneLogin, Duo, Okta). Exactly how SSO will work will depend on the provider your Organization requirements.

Please contact your Tray.io account manager if you wish to proceed with using SSO alongside your Organization.

Important notes on SSO

IMPORTANT!: The Tray platform only supports SAML version 2.0.

Setup

Please follow the following steps to start the process of configuring an SSO for your organisation:

PLEASE NOTE: Some SSO providers use a staging environment which means the SSO setup will need testing before it goes live. This is naturally use case dependant.

Process

Once SSO is setup and tested it will work in one of two ways:

  • Login will be initiated at "your" end. Users will usually initiate their login at a URL which will look similar to this: https://app.tray.io/sso/connection/<organisation_id>

  • When your users login to your authentication portal, they will then be redirected to a "logged in Tray.io session".

  • If a user tries to login with a preexisting Tray.io account, their login will be matched via a UID aka their email address.

  • If this is a new user, then a new account will be created and registered with your SSO provider.

Instructions for individual SSO providers

Okta

Below is a summary of setup instructions for Okta users.