Single Sign-On (SSO)
With Single Sign-On (SSO) you can manage the users for your Tideways organization entirely through a third-party provider.
This simplifies the management of organizations with many users and standardizes the security and access controls to a central instance.
Getting Started
To enable SSO on your Tideways organization you add a team for your preferred SSO provider:
-
GitHub - Available in all plans
-
Azure Active Directory - Only available in the Pro plan
Each provider has a different way of synchronizing the users into Tideways. Details are provided in the dedicated documentation page of each provider.
Security
Whenever users log into Tideways through our SSO support we revalidate that their account is still active and has access to the organization. This is repeated at least every 24 hours.
Depending on the SSO provider this works in different ways:
-
For GitHub, we synchronize users via the REST API and remove users from an organization when they are not part of the GitHub team anymore that is synchronized. This job runs every 24 hours or when you click "Sync" in the Users settings screen.
-
For Azure Active Directory, we force redirect and reauthenticate through the login URL of the Azure portal every 24 hours.