Note: This feature is only available on the Docfield Enterprise plan.


Single Sign-On (SSO) is an optional feature in Docfield that enables users to securely access the platform using their organization’s existing identity provider, without the need to create and manage a separate password for Docfield. SSO simplifies and secures the user login experience and is a preferred option for enterprises due to its enhanced security features and ease of access management.


By default, Docfield allows users to manage their authorization through Docfield’s own user management system, which requires them to create and maintain passwords specifically for this service. However, with SSO, you can integrate your organization’s authentication system to manage access more efficiently.


Security and Compliance

Access rights within Docfield must still be managed internally using Docfield’s user management system, ensuring that managers can control their users’ levels of access to various projects.


Supported Single Sign-On Methods


Currently, Docfield supports three types of SSO authentication methods:


1.    Authentication Only (via Google Workspace or Microsoft 365)

    •    To enable this feature, please contact Docfield’s support team or your technical consultant.

    •    In this method, authentication is handled by your identity provider, such as Google Workspace or Microsoft 365, using a verified email address.

    •    Login Process:

    •    Users will see an option to sign in with Google Workspace or Microsoft 365 on the Docfield sign-in page.

    •    Upon selecting the desired provider, the user is redirected to the provider’s login page (such as Azure Active Directory for Microsoft 365 or Google’s authentication page for Workspace).

    •    Once the user’s credentials are verified by the identity provider, they are redirected back to Docfield and granted access based on their authenticated identity.



Note: While authentication is managed by the identity provider, permissions and access levels within Docfield are still controlled internally via Docfield’s user management system. This means that users who sign in via SSO must still have their access permissions configured in Docfield.


2.    SSO with SAML (Security Assertion Markup Language)

    •    SAML-based SSO provides an enhanced level of integration with identity providers, allowing for a more secure and standardized authentication process. This method is ideal for organizations with more complex authentication needs.

    •    Setup:

    •    To configure SSO using SAML, please contact your technical consultant at Docfield, who can guide you through the setup process.

    •    With SAML, the identity provider communicates directly with Docfield to authenticate users, streamlining both login and user management.


Note: Permissions within Docfield still need to be assigned through Docfield’s internal user management system after authentication.


3.    SSO with SURFconext (for Educational Customers)

    •    SURFconext is a federated identity management service primarily used by educational institutions in the Netherlands and is part of the broader European research and education infrastructure.

    •    How it Works:

    •    SURFconext allows institutions to connect to a wide range of services, including Docfield, using their institutional login credentials. This eliminates the need for users to manage separate Docfield passwords and simplifies access.

    •    When an institution is part of the SURFconext federation, users from that institution can log in to Docfield using their existing university or school credentials.

    •    The identity provider (the educational institution) authenticates the user via SURFconext and communicates this information to Docfield, granting the user access to their projects or resources.

    •    Setup Process:

    •    To enable SSO with SURFconext for your institution, please contact your technical consultant at Docfield for configuration assistance.

    •    Your institution will need to be registered with SURFconext, and your identity provider should be set up to work with Docfield’s SURFconext integration.



Key Benefits of SSO with Docfield


    •    Improved Security: SSO integrates with your organization’s secure identity provider, reducing the need for additional passwords and minimizing the risk of unauthorized access.

    •    Streamlined User Experience: Users can access Docfield using their existing organizational credentials, providing a seamless login experience.

    •    Centralized User Management: While authentication is managed by the identity provider, access control within Docfield is handled internally, allowing for flexible and granular permission settings.


Need Assistance?


For more information or help setting up Single Sign-On for your organization, please contact Docfield’s support team or your technical consultant.


Let me know if you need any further adjustments or additional details!