Integrations
      Back to home
      2. Managing your organisation
      3. Integrations

      FAQ's: SSO and Directory Sync for Progression

      We answer your questions on SSO and Directory Sync for Progression, such as which providers we support, costs and settings.

      How does Directory Sync work in practice?

      Directory sync is responsible for provisioning, de-provisioning and updating your users on Progression based on the settings in your identity provider (IDP).

      Provisioning:

      When a user is created in your IDP and granted access to the Progression in your IDP, they will be automatically created in Progression.

      Note: they currently do not receive email notification that an account has been created.

      De-provisioning:

      When a user has access to Progression removed in your IDP, they will be archived in Progression. A user could have access removed in the IDP through being removed from an access group, removed from the organisation or being deleted.

      If the user is subsequently granted access to Progression, their account will be transitioned from archived to active.

      Updating:

      When a user's details are updated in the IDP, they will be updated in Progression. We currently sync the following attributes:

      • First name

      • Second name

      • Email

      • Manager (where manager is supplied as an email address which matches a Progression user in your organisation)

        • This is generally mapped to the field manager

      • Team (where the team name in the IDP matches a team in your organisation)

        • This is generally mapped to the field department

      • Position (where the position name in the IDP matches a position in the user's team)

        • This is generally mapped to the field title

      Can I set up SSO just for a subset of my users?

      Yes you can! If you are using Okta you can do this within Okta by granting users access to specific applications. The most common way to do this is to assign users to groups and allow groups to use specific apps (see here for more information).

      If you are using Google Workplace you will need to add the groups you wish to sync to Progression before you add your directory.

      Which SSO providers do you support?

      • AD FS SAML

      • Auth0 SAML

      • Azure AD SAML

      • Generic SAML

      • G Suite OAuth (coming soon)

      • G Suite SAML

      • JumpCloud SAML

      • Microsoft OAuth (coming soon)

      • Okta SAML

      • OneLogin SAML

      • OpenID Connect

      • PingFederate SAML

      • PingOne SAML

      • Shibboleth

      • VMWare SAML

      • CyberArk SAML

      Which Directory Providers do you support?

      • Azure AD SCIM

      • Bamboo HR

      • G Suite Directory

      • Gusto

      • Hibob

      • Okta SCIM v1.1

      • Okta SCIM v2.0

      • Rippling

      • SCIM v1.1

      • SCIM v2.0

      • Workday

      How much does it cost?

      SSO and Directory Sync are included in our Organisation subscription plan.

      For more information about our subscription plans, please visit progression.co/pricing.

      If you have any questions about SSO/Directory sync, please contact us by email at support@progression.co or send us a message in the chat.