Overview
Single Sign-On (SSO) allows your organization to integrate Hi Marley with an external identity provider so users can log in using their existing company credentials. This simplifies access, improves security, and reduces the need for separate Hi Marley passwords.
Note: SSO configuration requires assistance from the Hi Marley team.
Who Has Access
- This feature is available to System Admins.
- Only system admins can enable or disable SSO and manage related settings.
Where to Find It
System admins can manage SSO by navigating to:
Settings → Organization → SSO
From this page, admins can enable SSO and configure related options such as user provisioning and allowed email domains.
How It Works
When SSO is enabled, users authenticate through your organization’s identity provider rather than logging in directly with a Hi Marley username and password.
Additional options allow admins to control how users are provisioned and which email domains are permitted.
Just in Time (JIT) User Provisioning
Just in Time (JIT) User Provisioning allows Hi Marley user accounts to be automatically created when a user logs in for the first time via SSO.
- JIT can only be enabled if SSO is enabled
- When enabled, users with approved email domains are provisioned automatically upon first login
- This reduces manual user setup and accelerates onboarding
Email Domains
Admins can specify which email domains are associated with the organization.
- Only users with email addresses from the listed domains can log in via SSO
- Email domains cannot be modified if SSO is disabled
- This helps ensure that only authorized users can access the organization
Important Notes
- SSO setup and changes require coordination with the Hi Marley team.
- Disabling SSO will also disable JIT user provisioning.
- Carefully review allowed email domains to prevent unauthorized access.
To for a further overview of our SSO integration, click here