Whatfix Single Sign On
  • 03 Feb 2023
  • 1 Minute To Read
  • Dark
  • PDF

Whatfix Single Sign On

  • Dark
  • PDF

Whatfix supports login with Single Sign-On (SSO). SSO is an authentication process that enables users to access multiple applications with one set of login credentials.

How does SSO work in Whatfix?

  1. SSO-enabled enterprises have the following login screen,
  2. When you click Sign In with SSO, you are redirected to the configured Identity Provider.
  3. Once you enter the credentials of the identity provider, it is verified and you are then redirected to the Whatfix account.

Identity Providers supported by Whatfix

An Identity Provider (IdP) is an authority system that holds and verifies the user authentication information. Whatfix interacts with your IdP and trusts the information provided by the IdP to gain access to the application. Whatfix supports popular identity providers like the following,

  • Okta
  • PingFederate
  • Azure Active Directory
    Any identity provider compliant with SAML 2.0 works with Whatfix SSO.

Where is the SSO login available?

You can log in with SSO on the Whatfix homepage,

Requirements to enable SSO on your account

The following information has to be exchanged with Whatfix.


The organization provides this information

Enterprise Name*XYZ corp
IdP EntityId*
IdP SSO Service URL*
X509 certificate*

SAML identity location*
(If the NameID is not available, you can provide the attribute element instead)



<saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" Name=""> 

Whatfix provides this information

Sign-on URL*

Your title goes here

If you face any issues while adding the mentioned Sign-on URL, you can also add the ACS URL ( in place of the Sign-on URL. The following image shows how the ACS URL is added in place of the Sign-On URL in Okta,


Relay state*

Relay state* (EU Dashboard)

* The value of each detail varies for every organization. For more details, contact

  • SSO users can't see the Change Password option in the admin menu. Any password changes need to be performed at the Identity Provider level.
  • Every time a user clicks Sign In with SSO, they are redirected to their Identity Provider's login page.
  • Currently, Whatfix does not support SLO (Single Log Out). When a user signs out of a Whatfix account, it does not log them out of the IdP.
  • The user has to provide configuration parameters for Whatfix to establish an interface with their identity provider.
Your title goes here

If a user has access to more than one enterprise(ENT) and logs into any one of them using SSO, they are automatically logged into all the other SSO-enabled ENTs that they have access to. Thus, they can switch between enterprises from their Whatfix Dashboard. 

Enable Single Sign-On

To enable SSO for your Whatfix account, contact

Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.