.png?sv=2022-11-02&spr=https&st=2025-07-16T05%3A21%3A09Z&se=2025-07-16T05%3A31%3A09Z&sr=c&sp=r&sig=BVJm3Gwb30zu18Ni0Xqffwbhm0Bi%2BHjt4ARwLeE6MCo%3D){kind=logo}
SSO Login Experience
- DarkLight
SSO Login Experience
- DarkLight
Article summary
Did you find this summary helpful?
Thank you for your feedback
Workspace Admin supports Single Sign-On (SSO) to authenticate the Administrator. When SSO is enabled, administrators can authenticate using their existing credentials without needing separate login details.
Note:
The SSO feature is available only for Acqueon Cloud customers and not for the on-premises customers.
When a user who is not configured or onboarded attempts to log in, an error message is displayed.
Admin Login Experience
The Login experience varies based on the following configurations:
Login Experience with Only Cognito
When only Cognito is enabled, admins authenticate directly through Cognito. The login page displays the Cognito sign-in option, requiring admins to provide their Cognito credentials. In this configuration, Cognito independently manages the authentication process without involving any external IdP.
Login Experience with a Single Default IdP configured
When a default IdP is mapped, admins are redirected to the specified IdP for authentication. The mapped IdP, such as Azure AD or Okta, handles the login process, and upon successful authentication, redirects admins back to the application.
Login Experience with Multiple IdPs Configured but No Default IdP
When multiple IdPs are configured, but none is tagged as the default, the login page displays all the configured IdPs as sign-in options, along with the Cognito login fields. Admins can choose to authenticate through any of the available IdPs or log in directly using Cognito credentials.
Login Experience with Only Amazon Cognito
To log in to Workspace Admin with SSO where only Amazon Cognito is enabled, follow these steps:
Access the Acqueon Workspace Admin URL on a web browser.
The Amazon Cognito sign-in page is displayed.
.png?sv=2022-11-02&spr=https&st=2025-07-16T05%3A21%3A09Z&se=2025-07-16T05%3A31%3A09Z&sr=c&sp=r&sig=qUN%2Bk%2F0ZyrMmdVRNmlUoHlD9rUVgCc%2BY%2Fuk525wx4BY%3D)
Provide the credentials and click Sign-in.
On successful authentication, you are logged into the Acqueon Workspace administrator page.
Login Experience with a Single Default IDP Configured
To log in to Workspace with SSO that is integrated and mapped to a single default IdP, follow these steps:
Access the Acqueon Workspace Admin URL on a web browser.
The login page displays the User ID field.
Enter User ID and click Next.
The page redirects to the organization’s IdP login window which could be powered by identity providers such as Okta, Azure Active Directory, and more.
Note:
The sign-in process may vary depending on the IdP used. The following workflow represents the sign-in process for an Azure Active Directory login window page.
Type your password and click Sign in.
On the Stay signed in? prompt, click Yes.
On successful authentication, you are logged into Acqueon Workspace admin page.
Login Experience with Multiple IdPs Configured but No Default Idp Mapped
Access the Acqueon Workspace Admin URL on a web browser.
The login page displays the User ID field.
Enter your User ID and click Next.
The page redirects to a list of multiple IdP options (those are integrated but none is configured as a default IdP).
Note:
The example above shows Azure AD as the only IdP. In a scenario with multiple IdPs, each IdP is listed by its name, allowing the user to select and log in through the preferred IdP.
Click the required IdP name. In the above example, it is AzureAD.
Follow the respective IdP sign-in procedures to complete the login process.
On successful authentication, you are logged into Acqueon Workspace administrator page.
Note:
An account with "User" privileges cannot access the admin application and encounters the following error message.
User exists but does not have the required role.
Was this article helpful?