Single Sign-on (SSO)
Sprout Social offers SAML 2.0 Single Sign-on (SSO) support to our customers across web and mobile. SSO enables an employee to use a single set of managed login credentials (e.g., name and password) to access multiple applications.
Benefits of SSO
The main benefit of implementing SSO is account security. If an employee’s permissions, access or employment status changes, their network administrator can easily disable all accounts that are associated with that user with minimal effort. Additionally, SSO creates a more seamless user login experience as it eliminates the need for employees to remember or keep track of several passwords.
Customers will need to work with Sprout engineers to implement SSO integration, which is available to all plans and requires an implementation fee. Future maintenance and support is covered by the initial fee.
Supported SSO Providers
Single Sign-on for Sprout Social is directly supported by the following IdPs:
- Azure AD
Sprout Social supports SAML (Security Assertion Markup Language) 2.0 for SSO, so even if your IdP isn’t listed, you should still be compatible as long as your IdP supports SAML 2.0.
Customers will need to collaborate with their IT/Security teams to get the required technical information to plan Sprout’s custom SSO integration. Here is some technical information your IT team may need to get the process started:
- Sprout Social supports IdP and SP initiated SSO via SAML 2.0
- Sprout Social AuthnRequests will have an Issuer value / Entity ID of https://app.sproutsocial.com
- Sprout Social's Assertion Consumer Service URL is https://app.sproutsocial.com/auth/sso/consumption
- Sprout Social requires that IdPs use emailAddress as their Response's Subject's NameIDPolicy
- Sprout Social uses HTTP REDIRECT bindings
If you have additional questions or would like to get set up with SSO, please contact your Customer Success Manager or Sprout’s Support Team for more information.