Skip to main content

Streamline Access with Single Sign-On

Cody Iddings avatar
Written by Cody Iddings
Updated this week

Enable Single Sign-On (SSO) for your Makeshapes organization to provide your team members and/or participants with a secure and convenient way to access Makeshapes experiences using their existing company credentials.

What is sso?

Single Sign-On allows users to log in once with one set of credentials (managed by your organization's Identity Provider - IdP) to access multiple applications, including Makeshapes.

Benefits of using SSO with Makeshapes

  • Simplified user access: Users don't need to remember separate Makeshapes passwords.

  • Enhanced security: Centralizes user authentication through your organization's IdP, allowing you to enforce your existing security policies (like MFA).

  • Centralized user management: User access can often be managed from your IdP, streamlining onboarding and offboarding.

  • Improved user experience: Provides a seamless login experience for your users.

Note: The availability of Creator and/or Participant SSO may be subject to your Makeshapes service plan and/or configuration.

Sso options with Makeshapes

Makeshapes offers two types of SSO integration:

Team member SSO (recommended)

Your internal team (Administrators, Creators, Editors) accessing the Makeshapes platform to create and manage experiences. This provides secure, managed access for your staff using their company credentials.

When SSO is enabled, we recommend disabling Multi-Factor Authentication (MFA) with Makeshapes to further leverage your Identity Provider's MFA policies for users authenticating via SSO. However, for enhanced security, MFA is always recommended for team members without SSO.

Participant (learner) SSO

If learners have company accounts and you require them to authenticate before accessing content, this option would be recommended.

In addition, if you need Makeshapes to capture specific learner attributes (like an Employee ID) from your IdP. This is often essential for integrations, such as identifying learners by Employee ID in xAPI statements sent to your LRS .

Participant SSO requires learners to authenticate, which might be an extra step if they are not already logged into their company network. This may introduce access roadblocks for external participants or those who have trouble with their company login or their personal device.

For maximum ease of access, Makeshapes allows learners to join experiences by simply providing their name and email, without requiring them to authenticate via your company's SSO. This is often preferred for broad participation and reduces potential login friction.

Supported SSO protocols

Makeshapes supports SSO integration with a variety of Identity Providers (IdPs). Here are our currently supported options:

  • Custom SAML 2.0

  • Microsoft Entra ID (formerly Azure AD) - SAML

  • Microsoft Entra ID (formerly Azure AD) - WS-Federation or OpenID Connect (OIDC)

  • Google Workspace (via SAML)

  • Okta (via SAML)

  • Cloudflare (via SAML)

While the general setup principles are similar, the exact metadata exchanged and configuration steps may vary slightly depending on the protocol (SAML 2.0, OIDC, WS-Federation).

Did this answer your question?