Scrunch home

The Scrunch Enterprise plan supports single sign-on (SSO) with major identity providers, including Okta, Microsoft Entra ID (formerly Azure AD), and Google Workspace. Any SAML 2.0 or OIDC-compliant identity provider is also supported.

Additional context: SSO is exclusive to Enterprise plan customers. SSO configuration includes just-in-time provisioning, domain enforcement, admin role management, and brand-level access controls options.

Example

For example, if a Scrunch user wanted to implement SSO via a SAML 2.0 configuration, they would follow four steps:

1. Request activation: Contact Scrunch support to enable SSO.
2. Configure identity provider: Set up the Scrunch application in the IdP (Okta, Entra ID, etc.).
3. Share metadata: Provide the IdP metadata to Scrunch.
4. Test and deploy: Verify authentication works correctly before enforcing SSO organization-wide.

Step-by-step implementation instructions for all types of SSO providers can be found in Scrunch’s Help Center.

Follow-up question: How do I troubleshoot common SSO authentication issues?

Common SSO issues and resolutions include:

If receiving “Authenticated Failed" errors: Make sure that IdP metadata is correctly configured in Scrunch, user accounts are properly assigned to the Scrunch application in your IdP, and that required attributes are being sent to the IdP.

If SSO log-in page is not loading: Make sure that there is network connectivity between the user and the IdP, that IdP endpoints are configured correctly, and browser cookies or cache issues aren’t interfering.

If users can still sign in with passwords: Make sure that SSO is properly enabled by the domain, the user’s email domain matches the configured domain, and the SSO configuration is active.