Single Sign On (SSO)¶
Tree Schema provides SSO through Google and Microsoft O365. SSO enables you to authenticate with Tree Schema while also allowing your organization to simplify enrollment within Tree Schema by providing the option to auto-enroll your colleagues in your Tree Schema organization.
Organization SSO Management¶
Users with Admin+ permissions are able to manage SSO configurations for an organization. SSO configurations are based around a domain, this domain is selected by the first Admin+ user in the organization that links their account to an SSO provider. For example, if the user firstname.lastname@example.org creates a Tree Schema account and registers using Google for SSO then the domain avaialble for this organiation to manage will be treeschema.com. By navigating to the Admin page you can manage the SSO settings for your organization:
There are two SSO settings that can be managed. Both of these settings are set to True after the first Admin+ SSO enrollment. This applies if the organization is created from SSO enrollment.
Automatically enroll other users with the same domain into your Tree Schema account
Require users with the corresponding domain to log in with SSO (e.g. creating an account with a password is not allowed)
Requiring SSO login for your organiation will only apply to new users, existing users who signed up with a password will still be able to log in with their password.
If you are an admin and your organiation has not yet completed the SSO association, you will see the option to link your SSO domain by completing the SSO enrollment:
Associate SSO Account to Existing Email¶
If you created a Tree Schema account with an email and password you can link your SSO account to your existing Tree Schema account as long as the email used for SSO is the same as the email for your Tree Schema account.
In order to associate a new SSO account to your existing Tree Schema account, navigate to the My profile page and select settings
Under the SSO settings you will have the option to link your account to an SSO provider.
Once you have successfully completed this process you will be logged back in with your SSO account.