Managing your team, Single Sign On (SSO) and other settings
- How to add users to your account
You can find your account settings by clicking on your profile picture in the bottom left corner.
There you will find the following sections
- Profile: Here you can update your name, password as well as your profile photo
- Team: This is where you can invite your colleagues to your account, manage their permissions (if you're an administrator), enable Single Sign On and more
- Activity: This section shows an actvitiy feed within your account - how many documents are being synchronized every hour, how are your rules doing, and all the interactions between members of your team
- Billing. This is where you'll be able to pay for your EnjoyHQ account, get your invoices as well as manage your subscription
- Sharing This section helps you to manage all share items, review access requests and list all shared documents, projects and so on. Read more here.
How to add users to your account
✨ Magic invite link
Each EnjoyHQ team has a unique invite link assigned, simply grab the link and share it with your colleagues - once they go to the singup page, they will be able to join your account right away, by providing their name, email and password.
All administrators in the account will be notified whenever a new team member joins via the magic link.
📧 Inviting via email
Adding a team member couldn't be simpler! Complete the following steps:
- Select "Team" from the applcation menu
- Select "Invite via email" option
- Enter the name, email address and the permission role you want to assign.
- Hit "Invite".
Your team-mate will now receive an email, prompting them to set a password and activate their EnjoyHQ account.
Happy collaboration! 🙌
Single Sign On
We offer a set of different Single Sign On options, which you can configure yourself
- Google G-Suite
- Azure AD
Additionally, we offer support for One Login and generic SAML identity providers - please reach out if you need these activated in your account.
Legacy Google Sign On
Some accounts might have legacy Google Sign On enabled - it is not necessary to change anything if it works for you as we're not planning to remove it for the time being. One limitation of the Legacy Google SSO is that it supports only one pre-configured domain. If your Google G-Suite organization supports multiple domains - you will have to migrate to the current SSO option.
You might need to remove the legacy Google SSO if you're planning to:
- change Single Sign-On provider (e.g. Okta)
- want to configure more domains to be allowed when signing in via Google G-Suite
To migrate, simply remove current Google SSO and proceed to setup the new connection:
To link EnjoyHQ and your Google Apps account go to the team management section and navigate to the Single Sign On option adn then click on "Configure SSO". From there follow steps in the configuration wizard:
Example setup: Okta
When setting up Okta, all you will need is the SOO configuration at hand - fastest way is to export the IDP.xml file from your Okta settings - read more about it here. When ready click on "Configure SSO" button and follow the steps:
Example setup: Google G-Suite
Once you click on "Configure SSO", select "Google" and enter all domains which are linked to your G-Suite organization:
From now on anyone any colleague from your team, will be able to sign in via configured SSO option. All they have to do is to the "Login with SSO" and input your company's domain, as configured in the Setup step:
Removing a Team Member
If you need to remove someone from your account, then you can do so by clicking "Remove", next to their email address in the Team Members section of your Team Settings.
Users who are removed won't be able to sign-in again, be invited again or open a brand new EnjoyHQ account. If SSO is configured, deleted users won't be able to sign in.
Please refer to the roles and permissions page.
- Can I connect more than one SSO option (e.g. Okta and Google G-Suite)?
No, only one connection can be active at a time.
- Why the "WorkOS" shows up when signing in to EnjoyHQ?
All SSO options are powered by WorkOS - an Enterprise grade SSO connector. WorkOS stores only the details necessary to initate a delegated authentication flow: they do not store any of your credentials or user information but simply act as means of simplifying authentication. You can learn more about WorkOS' security here.
Thanks to WorkOS we also support generic SAML backends - please get in touch if you want to use it in your account.
- Do I have to invite users if SSO is configured?
No - anybody in your configured Sign-On directory can just sign up without a prior invitation. By default their permission level will be set to read-only and can be changed later.
While the email invite and magic link options are still available if you'd like to add users outside of your organiztion, bear in mind that if you have invited a user from your team and they try to sign-in while the inviation is pending - they won't be able to sign in until they accept the invitation.
- What happens when a new team member signs in via SSO?
If a new user joins your team by signing in via SSO the following happens:
- a new user is created in your team
- their permission is set to read-only
- their user record by default will have password authentication disabled but it can be enabled if they choose to reset their password
If a user was added to your team, prior to enabling SSO they can still use it to log in, assuming their email address is the same in your identity provider (Google G-Suite, Okta, etc)
- Can I or my colleagues belong to more than one team?
We offer multi-team support as part of our Enterprise plan.