Skip to content
English
More support
Contact us
  • There are no suggestions because the search field is empty.

Configuring Authentication Settings

Control how users sign in to Spherium.ai

Organization Administrators can configure which authentication methods are available to users within their Spherium.ai organization. Authentication Settings allow you to enable one or more sign-in providers, enforce multi-factor authentication (2FA), and configure Single Sign-On (SSO) for your organization.

By controlling available authentication methods, organizations can align Spherium.ai with their identity management, security, and compliance requirements.

Figure 1. The Authentication Settings page allows Organization Administrators to enable supported authentication providers and configure organization-wide login policies.

Insert screenshot of the Authentication Settings page here.

Before You Begin

  • You must be assigned the Organization Administrator role.
  • Authentication settings are configured at the organization level.
  • Changes apply to all users in your organization after they are saved.

Accessing Authentication Settings

  1. Sign in to Spherium.ai.
  2. Navigate to Administrative Settings.
  3. Expand Organizational Settings.
  4. Select Authentication Settings.

The Authentication Settings page displays all supported authentication providers and security options.

Available Authentication Methods

Microsoft Login

Enable Microsoft Login to allow users to authenticate using their Microsoft account, including Microsoft Entra ID (formerly Azure Active Directory).

Recommended for:

  • Organizations using Microsoft 365
  • Microsoft Entra ID environments
  • Enterprise identity management

Google Login

Enable Google Login to allow users to sign in using their Google Workspace or Google account credentials.

Recommended for:

  • Organizations using Google Workspace
  • Educational institutions
  • Teams standardized on Google identity

Custom Single Sign-On (SSO)

Enable Custom SSO to integrate Spherium.ai with your organization's identity provider using your configured SSO connection.

Selecting the configuration icon next to Custom SSO allows you to configure your organization's SSO settings.

Recommended for:

  • Enterprise identity providers
  • Federated authentication
  • Organizations requiring centralized identity management

Password Login

Enable Password Login to allow users to authenticate with a Spherium.ai username and password.

This option is commonly used for:

  • Small organizations
  • Trial environments
  • Organizations not using an external identity provider

Require Two-Factor Authentication (2FA)

Selecting Require 2 Factor Authentication (2FA) requires all users to complete multi-factor authentication when signing in.

Enabling 2FA provides an additional layer of security by requiring users to verify their identity with a second authentication factor in addition to their password or identity provider.

Spherium.ai recommends enabling 2FA whenever possible.

Configuring Authentication

To configure authentication methods:

  1. Navigate to Authentication Settings.
  2. Select the authentication methods you want to allow.
  3. Enable Require 2 Factor Authentication (2FA) if your organization requires MFA.
  4. Configure Custom SSO if using an enterprise identity provider.
  5. Click Save.

Your authentication policy is applied organization-wide.

Authentication Best Practices

For most enterprise organizations, Spherium.ai recommends:

  • Use Microsoft Login, Google Login, or Custom SSO as your primary authentication method.
  • Enable Require 2 Factor Authentication (2FA) for all users.
  • Disable Password Login when your organization uses an enterprise identity provider and does not require local accounts.
  • Review authentication policies periodically to ensure they align with your organization's security standards.

Frequently Asked Questions

Who can manage Authentication Settings?

Only users assigned the Organization Administrator role can modify authentication settings.

Can I enable multiple authentication methods?

Yes. Organizations can enable multiple supported authentication methods, allowing users to sign in using any approved provider.

What happens if Password Login is disabled?

Users will no longer be able to sign in using a Spherium.ai username and password. They must authenticate using one of the enabled identity providers.

Does enabling Microsoft Login or Google Login automatically migrate existing accounts?

No. Existing user accounts continue to exist. Users authenticate using the authentication methods enabled by your organization.

Is Two-Factor Authentication required?

Not by default. Organization Administrators can require 2FA for all users by enabling the Require 2 Factor Authentication (2FA) option.

Summary

The Authentication Settings page allows Organization Administrators to control how users authenticate with Spherium.ai. By enabling trusted identity providers, configuring Single Sign-On, and enforcing two-factor authentication, organizations can provide secure, centralized access that aligns with their identity and security policies.