Technical Configurations
Setting Up SSO (Single Sign-On)
It is possible to set up a customer-specific Single Sign-On (SSO). With this, all Workbench users in your team can log in without a password, using only email-based authentication.
If you are unable to complete all the steps, you may be missing the necessary permissions. In that case, please contact a Workbench PowerUser or our support team at support@workist.com.
Step-by-Step Guide
Step 1: Log in to the Workbench and navigate to the "Organisation" tab under "Settings".
There you will find the configuration menu item under "Single Sign-On". Clicking "Edit" opens the configuration form.
SSO Provider (providerName):
Workist currently supports the following SSO providers:
| Provider | Config Name |
|---|---|
| Microsoft Azure AD | AZURE |
| Adamos | adamos |
| Deutsche Bahn | db |
| Azure Marketplace | azure-marketplace |
Domain:
Enter your domain (e.g. company.com).
If more than one domain needs to be configured, please contact Workist Support.
Allow Self-Registration:
Simply click the checkbox here.
If you enable self-registration and set a domain, all active users (even without a Workbench account) will be set up when the domain is part of an SSO configuration. New accounts are only created if the email is not found, self-registration is enabled, and the domain matches the SSO settings.
Tenant ID & Client ID:
You can enter these IDs yourself after completing the necessary steps with your SSO provider.
Client Secret:
The "Client Secret" can only be added by Workist Support. Please contact support@workist.com or your Workist contact person.
Azure SSO Setup
To set up SSO with Azure, you first need to create a new app and provide us with the tenant-id, client-id, and the client secret.
Redirect URL: https://wb.workist.com/login/providers/azure/authorized
During the setup in Azure, an expiry date can be set for the Client Secret. After the set date has passed, users will not be able to log in via SSO. The secret must therefore be renewed before it expires and provided to Workist in good time.