Single Sign-On for G Suite is available for all Aha! users. You can enable Single Sign-On for G Suite in your account. Once enabled, your users will be able to log into your Aha! account with their Google credentials.
Configure Single Sign-On for G Suite in Aha!
1. To set up Single Sign-On for G Suite, go to Aha! and then to the Settings -> Account -> Security and Single Sign-On page. Then, select "Google" for the Identity Provider in the "Single Sign-On" section.
2. Give the provider a name (like "G Suite") and set your Single Sign-On for G Suite domain. The domain is in the format "example.com" without "http" or "www". Multiple Single Sign-On for G Suite domains can be separated with a comma. Click "Enable" to activate Single Sign-On for G Suite.
3. Define the permissions users will receive the first time they login. After the first login, permissions can be managed through Settings -> Account -> Users.
Log into Aha! WITH Single Sign-On for G Suite
1. Once Single Sign-On for G Suite is set up, your login page will have an additional "Login with Single Sign-On for G Suite" option available.
Note: You need to log in at your specific "account.aha.io" domain to use your SSO provider; do not use the general "aha.io" domain.
2. Clicking "Login with Single Sign-On for G Suite" will send your browser to "https://accounts.google.com" so you can select the Google account to use and authenticate.
Once a user chooses to log in with Google, they will no longer be able to use their email and password. This is so that if they are disabled in Google (e.g. when leaving company), they can no longer log in. This is a compliance requirement for many companies.
3. You are now logged into Aha!
New Aha! users through SSO
Users logging in with Single Sign-On for G Suite are separate accounts from those who log in with an email and password. If an email and password user exists that has a matching email address to a Single Sign-On for G Suite user, that user will be automatically converted to use Single Sign-On for G Suite. Otherwise, a new user will be automatically provisioned.
Auto-provisioned users fall under the same seat restrictions as any other user, and attempts to log in may fail if you have no seats available on Premium accounts. For Enterprise accounts, the login will not fail due to seat restrictions because you can have unlimited Reviewers, Viewers, or None.