Sync Self Service SSO
Logitech Sync offers a simple way to verify your domain and add your organization's single sign-on provider. To learn more about configuring your SAML IdP for Sync, check out our article here.
Important: If you are enforcing SSO on your organization, SSO will also be enforced for users with the same domain in other Sync organizations. For further information on multitenant configuration, please navigate to the pertinent section in this article.
To get started, while logged in as an Organization Owner (Tenant Account):
Navigate to System.
Go to Account.
Select Register a Domain.
Important: You can only register the domain associated with your account's email address. If you need to register multiple domains, you can: create another account with the second domain, and register the domain from that account.
Note: the new account will also need the Owner role to register the second domain.
Once you request your domain registration, Logitech will review your request within 24 hours. You will get an email notification once it is approved.
After your domain has been successfully registered, you’ll have the ability to configure your organization's SSO identity provider.
Select your identity provider type and enter the required information.
Note on SAML certificates: When configuring SAML in the Sync Portal, you have two options: providing the URL to the metadata document (which is preferred) or uploading the actual XML document.
If you are currently using the URL to the metadata document, you won't need to make any changes or updates directly within the Sync Portal. Uploading a new certificate is only necessary if you're using the "actual XML document" option. However, we still recommend keeping the credentials for a Sync Portal owner account readily available when updating the SAML certificate in your Identity Provider (IdP). This way, you can still access the Sync Portal if any issues arise on the IdP side.
Once you have submitted your SSO identity provider information, you will be prompted to try it out.
Log out and log back in using your organization’s SSO.
You’ll be able to enforce your SSO usage for your users via the toggle.
Note: When enforcing SSO sign-in for your users, you will have to select a “break glass” account that can still log in using email and password credentials.
After you’ve set your “break glass” account, you’re all done. You can delete the SSO configuration and registered domains at any time with the trash bin icons.
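For the "actual XML document" option described in the note on SAML certificates above, the following added example (not Logitech's code) compares the metadata file you uploaded to Sync with the metadata your IdP currently publishes and reports whether a re-upload is needed. The function names, the idp.example.com entity ID and the sample certificate bytes are assumptions constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def signing_fingerprints(metadata_xml):
    """SHA-256 fingerprints of the IdP signing certificates in a SAML metadata document."""
    # Intended for files from your own IdP; ElementTree is not hardened for untrusted XML.
    root = ET.fromstring(metadata_xml)
    found = set()
    for key in root.findall(".//md:IDPSSODescriptor/md:KeyDescriptor", NS):
        # A KeyDescriptor without a "use" attribute covers signing as well.
        if key.get("use") not in (None, "signing"):
            continue
        for cert in key.findall(".//ds:X509Certificate", NS):
            der = base64.b64decode("".join((cert.text or "").split()))
            found.add(hashlib.sha256(der).hexdigest())
    return found

def compare_metadata(uploaded_xml, current_xml):
    """Compare the copy uploaded to the portal with the IdP's current metadata."""
    uploaded = signing_fingerprints(uploaded_xml)
    current = signing_fingerprints(current_xml)
    return {
        "reupload_needed": bool(current - uploaded),      # IdP has a cert the upload lacks
        "missing_from_upload": sorted(current - uploaded),
        "stale_in_upload": sorted(uploaded - current),    # still trusted, no longer published
    }

def sample_metadata(cert_blobs):
    """Constructed metadata; the 'certificates' are placeholder bytes, not real X.509."""
    keys = "".join(
        '<md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>'
        f"<ds:X509Certificate>\n{base64.b64encode(blob).decode()}\n</ds:X509Certificate>"
        "</ds:X509Data></ds:KeyInfo></md:KeyDescriptor>"
        for blob in cert_blobs)
    return (f'<md:EntityDescriptor xmlns:md="{NS["md"]}" xmlns:ds="{NS["ds"]}" '
            'entityID="https://idp.example.com/metadata">'
            '<md:IDPSSODescriptor protocolSupportEnumeration='
            '"urn:oasis:names:tc:SAML:2.0:protocol">'
            f"{keys}</md:IDPSSODescriptor></md:EntityDescriptor>")

if __name__ == "__main__":
    old, new = b"constructed-old-signing-cert", b"constructed-new-signing-cert"
    print(compare_metadata(sample_metadata([old]), sample_metadata([old, new])))
```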
SSO Multitenant Domain Configuration
Multiple accounts can share the same domain name for SSO purposes. Once SSO has been approved for one organization, each subsequent tenant can use this same domain to log in via SSO.
User Access and Security: Access is managed at the user level within each individual tenant. This ensures that users remain restricted to their authorized environments:
If a person only has a user account on Sync Tenant A, they will not be able to log in to Tenant B.
Accounts remain separate, preventing unauthorized cross-tenant access even when sharing a domain.
Note: For users setting up multitenancy, please see Sync Multitenancy Setup.
If you require additional assistance with Sync SSO or tenant configuration, please contact Logitech Support.