Single Sign-on (SSO)
Sprout Social offers SAML 2.0 Single Sign-on (SSO) support to our customers across web and mobile. SSO enables an employee to use a single set of managed login credentials (e.g., name and password) to access multiple applications.
Benefits of SSO
The main benefit of implementing SSO is account security. If an employee’s permissions, access or employment status changes, their network administrator can easily disable all accounts that are associated with that user with minimal effort. Additionally, SSO creates a more seamless user login experience as it eliminates the need for employees to remember or keep track of several passwords.
You'll work with Sprout engineers to implement SSO integration.
Supported SSO Providers
Single Sign-on for Sprout Social is directly supported by the following IdPs:
- Azure AD
Sprout Social supports SAML (Security Assertion Markup Language) 2.0 for SSO, so even if your IdP isn’t listed, you should still be compatible as long as your IdP supports SAML 2.0.
Collaborate with their IT/Security teams to get the required technical information to plan Sprout’s custom SSO integration. Here is some technical information your IT team may need to get the process started:
- Sprout Social supports IdP and SP initiated SSO via SAML 2.0
- Sprout Social AuthnRequests will have an Issuer value / Entity ID of https://app.sproutsocial.com
- Sprout Social's Assertion Consumer Service URL is https://app.sproutsocial.com/auth/sso/consumption
- Sprout Social requires that IdPs use emailAddress as their Response's Subject's NameIDPolicy or use an unspecified field to use flexible NameIDs such as EmployeeID or other unique identifier
- Sprout Social uses HTTP REDIRECT bindings
If you have additional questions or want to get set up with SSO, contact your Customer Success Manager or Sprout’s Support Team for more information.