Single Sign-On (SSO) Enterprise
Single Sign-On (SSO) is an authentication process that enables users to access multiple applications using a single set of login credentials. This feature is available to all Basis Theory Enterprise customers, providing a seamless and secure login experience.
Supported Authentication Protocols
SSO with Basis Theory can be configured using the following identity protocols/providers:
Enforcing SSO
As an additional login control for a tenant, SSO can be enforced for all tenant users. An existing SSO connection must be configured before enabling this option.
Enforcing SSO can be enabled in the Customer Portal by navigating to the tenant Settings page from the sidebar, selecting the Identity tab, and enabling the Enforce SSO option.
Click on Save Changes to confirm.
Accessing a pre-SSO account
Once SSO is enabled for your organization, the login page automatically redirects anyone signing in with an email matching your organization's domain to your configured identity provider. This includes accounts that had been created with username + password (or a social provider) before SSO was configured — for example, the account that was used to set SSO up.
If you need to access one of these pre-SSO accounts directly — to log in with its credentials or to reset its password — use the links below to bypass automatic SSO routing for that single sign-in.
Logging in with username and password
Open https://portal.basistheory.com/auth/login-with-password in your browser.
You will be taken directly to the username + password login screen, skipping the SSO redirection. Enter the email and password for your pre-SSO account.
Resetting the password of a pre-SSO account
Open https://portal.basistheory.com/auth/reset-original-password in your browser.
On the login screen that loads, click Forgot password? and follow the prompts to receive a password reset email for your pre-SSO account.