Single Sign-On (SSO)
NOTE: Single Sign-On is an Enterprise level feature of Workzone. For more details on upgrading your team's Workzone license to Enterprise, please contact us at firstname.lastname@example.org or call 610-275-9861.
Learn more about Workzone Enterprise.
Once your site has been enabled for SSO, go to the settings (gear icon) in the top right, then select
Single sign-on under the
GLOBAL section on the left.
Step 1: Upload your Identity Provider Metadata XML file. Please note that every time you upload a new file, it will overwrite all previous configurations.
Step 2: Download Workzone’s Service Provider Metadata XML file for your company from the provided link in the Instructions section.
Step 3: Use the downloaded XML file to configure your Identity Provider for Workzone (detailed guidance for specific identity providers are included below).
Step 4: Select whether you want to require SSO login for all users (default) or if you will require it for users of specific email domains (your internal users), while allowing external users to log in via email address and password (having a single user designated with a different email domain that can log in can be valuable to access Workzone if your SSO setup isn't working properly).
Step 5: Activate your SSO implementation by clicking the circle to switch SSO Status from “Inactive” to “Active”.
Step 6: Test your SSO implementation, either by logging into Workzone via your Identity Provider or going to your Workzone URL (it will then authenticate with your Identity Provider).
Detailed instructions for setup of SSO with specific identity providers:
If you're not using one of the identity providers listed above, you can refer to our SSO FAQs for helpful information that may apply to other identity providers (Azure, Shibboleth, Ping, etc.)