Skip to main content

About SSO for MaintainX

Single sign-on (SSO) is an authentication scheme where a user can log into multiple software services using a single ID. This section explains how to set up SSO for MaintainX.

availability

To configure SSO, you must be an Administrator. Configuration options are only available in the MaintainX web app, and require an Enterprise account.

After you set up SSO, users in your SSO-enabled organizations can log in using SSO from the MaintainX mobile app and web app.

Requirements​

To set up SSO for your MaintainX Organization:

  • Your organization must be on a MaintainX Enterprise Plan.
  • You must be an Administrator for your MaintainX organization.
  • Any domain that you plan to add to your SSO configuration has to be verified via a MaintainX verification email.
Restrict access to SSO settings

By default, any Administrator in your organization can access your SSO settings. However, MaintainX can configure your account to restrict SSO access to a smaller group or a single user. For details contact your MaintainX representative.

Supported SSO Protocols​

By default, MaintainX uses the Security Assertion Markup Language (SAML) protocol for SSO. The instructions in this section are for a SAML setup.

We also support the OpenID Connect (OIDC) protocol. For more information about OIDC setups, contact MaintainX Customer Support.

Supported IdPs​

An identity provider (IdP) is a service that stores and manages digital identities. MaintainX supports the following IdPs:

  • Google
  • Microsoft Entra ID (formerly Microsoft Azure AD)
  • Okta

If your company uses another IdP, contact MaintainX Customer Support to find out whether it's possible.

SSO for Multiple MaintainX Organizations​

If you have more than one MaintainX organization, and you've already set up single sign-on (SSO) for one of them, you can enable SSO for the others. Organizations you enable SSO for use the same configuration and settings as the organization where you first set up SSO.

For more information, see Enable SSO for Multiple MaintainX Organizations.

SSO for Multiple Domains​

You can set up routing rules so users from specific domains automatically log in via SSO. For more information, see Set up Routing Rules for Your Domains.

SSO and User Provisioning​

When a new user who does not have a MaintainX account logs into your organization using SSO, MaintainX creates an account automatically. You can specify which user role to assign by default. For more information, see Set the Default Account Type for New Users.

note

After you set up SSO, you should no longer use invite links to add new users to your organization. If you have a routing rule set up for your domain (see Set Up Routing Rules for Your Domains), new users should log into MaintainX using their company email address. Alternatively, you can have them follow the Start URL from your MaintainX SSO configuration (see Use the Start URL).