Single Sign On (SSO) for Workers

Overview

The Single Sign On (SSO) for Workers bundle is the recommended approach for Worker Portal logins, offering enhanced security and a simplified sign-in experience. Rather than entering CIMcloud-managed usernames and passwords to login, people will see a Sign In With Microsoft or Sign In With Google button.

What is SSO?

Single Sign-On (SSO) is an authentication method that allows users to access multiple applications or systems with a single set of login credentials. Instead of remembering and managing different usernames and passwords for each service, SSO enables a seamless login experience across connected platforms.

SSO works by using a central identity provider (e.g., Microsoft Entra or Google Workspace) to verify the user’s identity. Once authenticated, the user is granted access to all authorized applications without needing to log in again during the same session.

Summary Of Features

• No Additional Passwords / Centrally Managed Credentials – SSO eliminates the need for users to remember multiple passwords, reducing the risk of weak or reused credentials.
• Multi-Factor Authentication – Your SSO provider can enforce MFA for an additional layer of protection.
• SSO Providers – the following authentication providers:
  • Microsoft – for customers using Microsoft 365 and Microsoft Entra (formerly Azure Active Directory)
  • Google Workspace (Coming Soon)

How to Set Up SSO

To enable SSO for your organization, follow these high-level steps. Note: You must be an administrator within your SSO provider to complete this setup.

1. Prerequisites

Ensure you meet the following requirements:

• You are an administrator in your SSO provider (ex: Microsoft or Google).
• You have your CIMcloud worker portal credentials ready.
• The “Single Sign On (SSO) for Workers” bundle is installed

2. Worker Portal Setup

• Sign in to CIMcloud
  • Log in to your worker account using your CIMcloud credentials.
• Enable and Configure The Feature
  1. Go to Settings Workspace > System-Wide Settings > Application Settings
  2. Locate the Allow Worker Single Sign-On (SSO) feature and change the status to On
  3. Allow Mixed/Single Standard Sign-On (SSO)
     1. No – [RECOMMENDED] forces all worker logins to use your linked SSO provider (linked in the next steps)
     2. Yes – Allows workers to log in using either their CIMcloud password or the linked SSO provider. While useful for troubleshooting, this option reduces overall security.
  4. Restrict SSO Logins to Existing Workers
     1. No – Any employee with a company email address can log in as a worker. Note: Your site includes a limited number of worker logins. Additional logins beyond your allowance may incur extra charges.
     2. Yes – Only workers who already have a login in CIMcloud will be able to access the Worker Portal using SSO. This allows you to control which employees can log in by creating their accounts in Settings > Workers. The SSO system will verify their email address in CIMcloud matches their email address from the SSO provider to determine if they are authorized.
• Activate Your SSO Provider
  1. Navigate to SSO Settings under Settings Workspace > Workers > Worker Single Sign-On (SSO).
  2. Enable the SSO Provider you wish to use.
  3. You will be asked to sign into your SSO provider. Sign in and accept the request to allow CIMcloud to use your provider.
  4. If SSO was successfully activated you will see an Active status next to your provider.