Single sign-on (SSO)
On the Authentication settings page, organization admins can enable and manage a single sign-on (SSO) connection that lets users sign in through the organization's identity provider (IdP). By default, users sign in through Blackbaud's secure authentication service or a social sign-in, such as Apple ID, Facebook, Google, or Microsoft.
To enable SSO on the Authentication settings page, you select Manage SSO settings under Single sign-on and then select your connection method. After you turn on SSO, you select Manage SSO settings to access the Single sign-on page where you manage your SSO connection.
Single sign-on connectionOn the Single sign-on page, you can view SSO connection details, such as the connection name and the application ID, and you can manage SSO details, such as the organization name to display when users sign in.
Claimed email domainsTo determine which users to redirect to your IdP when they sign in with their Blackbaud IDs, you claim the email domains, such as @yourdomain.org or @yourdomain.edu, that your organization uses. Under Claimed email domains, you can manage the domains that your SSO connection recognizes.
Redirect settingsTo ease authentication after you enable SSO, you can provide users at your organization with a redirect URL to bypass the Blackbaud ID sign-in page and sign in directly through your IdP. You can also create additional redirect URLs to ease access to Blackbaud ID-supported solutions. For more information, see Redirect settings.