Torq

Enterprise Single Sign-On (SSO) lets you connect Torq with your company's Identity Provider (IdP). This way, you can set Torq roles for users and groups based on your IdP settings.

After connecting Torq to the enterprise IdP, all IdP-authenticated users of specific groups can sign in to Torq.

Torq supports SAML 2.0 and OpenID Connect with code flow and implicit grant type. It's compatible with many enterprise IdPs, including:

You can configure SSO using the following account types:

- Google account
- Local user/password account

Torq assumes that the SSO domain (an organization's identifier) is identical to the email domain of the workspace owner configuring SSO. For example, the administrator identified by <a href="mailto:admin@mycompany.com" rel="nofollow noopener noreferrer" target="_blank">admin@mycompany.com</a> can configure SSO for the domain mycompany.com. If you want to configure SSO for a different domain, contact Torq Support.

If users were invited by email before setting up SSO, they could still log in without it. To avoid this, remove these users and keep only the SSO setup. 

We recommend that you have 1 or 2 backup accounts not tied to SSO, just in case your SSO provider has issues.

If you need to update any claims, add the new ones to Torq first before removing the old ones from your SSO provider. This prevents any access issues.

Users authorized for specific workspaces via SSO cannot access (from an SSO login) the workspaces that they are authorized for via email login. However, email login allows users to view and access all relevant workspaces, including SSO-verified and email-only verified ones.  

- Torq assumes that the SSO domain (an organization's identifier) is identical to the email domain of the workspace owner configuring SSO. For example, the administrator identified by <a href="mailto:admin@mycompany.com" rel="nofollow noopener noreferrer" target="_blank">admin@mycompany.com</a> can configure SSO for the domain mycompany.com. If you want to configure SSO for a different domain, contact Torq Support.
- If users were invited by email before setting up SSO, they could still log in without it. To avoid this, remove these users and keep only the SSO setup. 
- We recommend that you have 1 or 2 backup accounts not tied to SSO, just in case your SSO provider has issues.
- If you need to update any claims, add the new ones to Torq first before removing the old ones from your SSO provider. This prevents any access issues.
- Users authorized for specific workspaces via SSO cannot access (from an SSO login) the workspaces that they are authorized for via email login. However, email login allows users to view and access all relevant workspaces, including SSO-verified and email-only verified ones.

Learn about Torq's Single Sign-On (SSO) capabilities.

Configure SSO for Torq: Boost Security and Efficiency

Hyperautomation™

Blog

Our Story

HyperSOC™

Resources

Security And Compliance

Technology Partners

Careers

Legal & Compliance

Contact Us

WHY TORQ

RESOURCES

COMPANY

API Documentation

Torq Academy

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you

Supported SSO Methods and Protocols

Important to know