Overview
Brandcrush can be integrated with your company's Single Sign-On (SSO) solution to enable seamless and secure access to Brandcrush for your buying team. There are many benefits of using SSO including:
- Allowing users to access Brandcrush with a single click, eliminating the need for private Brandcrush credentials
- Allowing admins to manage their users from one centralized location and apply authentication policies inline with your organization’s other enterprise applications
Which Identity Providers does Brandcrush support?
Our SSO offering supports all major Identity Providers who use the SAML 2.0 protocol. This includes Okta, Azure AD, G Suite SAM and Okta and can add further providers if needed.
Which SSO flows does Brandcrush support?
We support both Service Provider-initiated SSO (in which users log in via a Brandcrush login page) as well as Identity Provider-Initiated SSO (in which users log in from your IdP dashboard).
Does SSO apply to all team members?
Yes. Once SSO is configured, all users from your organization will be required to login via the SSO flow. Users will no longer be able to log in with their Brandcrush usernames and passwords. Team members will need to use an email associated with your organization’s domain.
Does Brandcrush support just-in-time provisioning for SAML?
Yes, Brandcrush’s SSO solution supports both authentication and just-in-time provisioning for SAML. The following attributes (first name, last name, email) are required as part of the SAML response for Just-in-time provisioning.
How is SSO configured?
SSO configuration is handled “behind the scenes” in collaboration with your Brandcrush account team.
There are currently no in-app settings related to SSO. To get started, please contact support@brandcrush.com. You will need to provide a Metadata file and x.509 certificate as part of the setup process.