IdP-Initiated SSO

With IdP-initiated SSO, you log into CloudCheckr using a link provided by the identity provider (IdP). At this time, CloudCheckr supports the following IdP providers that are compliant with Security Assertion Markup Language (SAML) 2.0 :

  • Okta
  • PingOne
  • OneLogin
  • Google
  • Azure AD SSO

If your organization uses a different SSO provider than those listed, additional customizations may be required. Please email sales for information regarding support of other SAML-compliant SSO providers.


Prerequisite: You must be an enterprise customer to use IdP-initiated SSO.
  1. Please submit a ticket to the CloudCheckr Service Desk Portal, so that a support engineer can guide you on how to:
    • generate SAML IdP metadata/and or provide Azure Tenant ID (Directory ID)
    • choose a default role for new users created by SSO
    • validate that the authentication process is working in your environment successfully
    Although CloudCheckr will provision your users for the first-time logon, your organization must enable specific permissions and account access for your CloudCheckr users. For more information, see the User Management and User Groups topics.
  2. Click a link for instructions on how to integrate your IdP with CloudCheckr:

How did we do?