About SSO
Single Sign On (SSO) is available as an authentication method for all Enterprise installations. data.world supports SSO with providers that uses SAML 2.0 protocol, such as Okta, Google, or Azure, etc.
Private Instance (PI) and Single-Tenant environments are required to use SSO for user logins.
Enterprise customers using the Public Instance have an option to set up SSO, but it is not required.
Once SSO is configured, all members of the organization will use SSO to login to the platform.
Important
The SSO configuration is done in collaboration with the data.world support team.
What type of user provisioning does data.world support for Single Sign-on?
For a detailed comparison between Just In Time (JIT) account provisioning and System for Cross-domain Identity Management (SCIM) provising, see JIT vs SCIM Provisioning: What is the difference and why it matters?
Just In Time (JIT) account provisioning
JIT provisioning is a reactive model for user creation. It leverages the SAML authentication flow to create user accounts only when they first log in to an application. By default all Private Instance (PI) and Single-Tenant environments are setup with Just In Time (JIT) account provisioning. This means that once SSO is enabled, users automatically get created in data.world at the time of login, as long as the SSO provider administrator has added the data.world app to the user profile in the SSO provider administration tool.
System for Cross-domain Identity Management (SCIM) provisioning
SCIM (System for Cross-domain Identity Management) automatically create, update, and deactivate user accounts in applications based on changes in the identity provider (IdP). This reduces manual intervention and ensures that user data is always up-to-date which enhances the security of your system.