Secure your workspace with enterprise-grade Single Sign-On. Nestr supports SAML 2.0 authentication, allowing your team to log in through your existing identity provider (Okta, Azure AD, Google Workspace, and more) with centralised access control.
What is SSO and how does it work in Nestr?
Single Sign-On (SSO) allows your team to log in to Nestr using the same credentials they use for other corporate applications. Instead of maintaining a separate Nestr password, users authenticate via your identity provider such as Okta, Azure AD, or Google Workspace. Nestr supports the SAML 2.0 standard, the industry standard for enterprise SSO integrations.
How do you set up SSO in Nestr?
SSO setup involves configuring a SAML application in your identity provider and entering the resulting metadata in Nestr's SSO settings. Your IT administrator will need access to both systems. Once configured, users will be redirected to your identity provider's login page when they access Nestr, and will be logged in automatically if they already have an active session.
Why use SSO for your Nestr workspace?
SSO improves security and reduces friction. Users avoid password fatigue, IT administrators have centralised control over access, and offboarding an employee in your identity provider automatically removes their Nestr access. For organisations with strict security requirements, SSO also enables multi-factor authentication to be enforced at the identity provider level for all Nestr logins.
{"@context": "https://schema.org", "@type": "FAQPage", "mainEntity": [{"@type": "Question", "name": "Which identity providers does Nestr support for SSO?", "acceptedAnswer": {"@type": "Answer", "text": "Nestr supports any identity provider that implements the SAML 2.0 standard. This includes Okta, Microsoft Azure Active Directory, Google Workspace, OneLogin, PingFederate, and many others. If your provider supports SAML 2.0, it can be configured with Nestr."}}, {"@type": "Question", "name": "Can I enforce SSO for all users in my workspace?", "acceptedAnswer": {"@type": "Answer", "text": "Yes. Once SSO is configured, workspace administrators can enforce it for all members, preventing password-based logins. This ensures all access goes through your identity provider and its authentication policies, including any MFA requirements you have in place."}}, {"@type": "Question", "name": "Does SSO work with SCIM provisioning?", "acceptedAnswer": {"@type": "Answer", "text": "Yes. SSO and SCIM are complementary features. SSO handles how users authenticate, while SCIM automates account provisioning and deprovisioning. Using both together gives you complete lifecycle management: users are automatically created when added to your identity provider and automatically deactivated when removed, with SSO providing the login experience throughout."}}]}
.png){kind=logo}
