Single Sign-On (SSO)
With Single Sign-On (SSO) you can manage the users for your Tideways organization entirely through a third-party provider.
This simplifies the management of organizations with many users and standardizes the security and access controls to a central instance.
Single Sign-On in Tideways is based on top of the Teams functionality for an organization. You create a team for a specific SSO provider in an organization and then Tideways will make sure to synchronize the users.
To enable SSO on your Tideways organization you add a team for your preferred SSO provider:
Github - Available in all plans
Azure Active Directory - Only available in the Business plan
Each provider has a different way of synchronizing the users into Tideways. Details are provided in the dedicated documentation page of each provider.
When users log into Tideways through our SSO support, then we revalidate that their account is still active and has access to the organization at least every 24 hours.
Depending on the SSO provider this works in different ways:
For Github, we synchronize users via the REST API and remove users from an organization when they are not part of the Github team anymore that is synchronized. This job runs every 24 hours or when you click "Sync" in the Users settings screen.
For Azure Active Directory, we force redirect and reauthenticate through the login URL of the Azure portal every 24 hours.