Single Sign-On (SSO)

Overview

Single sign-on (SSO) gives users the ability to sign in to Avion through an identity provider (IdP) of your choice. With SSO configured correctly and enabled for your organization, your team will be able to access your Avion organization with their corporate credentials.

Avion uses OpenID Connect (OAuth 2.0), a leading industry standard, for exchanging the authentication and authorisation data that Avion supports as a service provider (SP). No actual passwords are transferred to or from Avion during the authorisation.

Benefits of SSO

✅ Scalable user management

Avion can create a new account in your organization every time a new user from your directory logs into Avion via SSO — no extra invitations required. Employees who are removed from your corporate directory will lose access to your Avion organization automatically, but all their associated data will remain intact.

✅ Unified profile data

Since your user identities are managed from one central location, this means that account profile names in Avion will match the names in your directory.

✅ Compliance with security requirements

Your IT administrators will have more control over authentication. Avion users will not be able to change their name or email address on their own. Additionally, any security policies you have adopted internally (password rotation, multi-factor authentication, etc) will automatically apply to your Avion organization.

✅ Ease of access

Once an employee logs in to your corporate network, they can start using Avion without having to enter another set of login credentials. SSO is also a driver for seamless Avion adoption within your company. Your identity provider may also be able to monitor login activity and use the collected metrics to track Avion adoption.

What's next?

If you're ready to setup single sign-on with your Avion organization, we highly recommend you read the below guide which will walk you through the setup process and help you understand how SSO works once it has been enabled.