Single sign-on (SSO) Overview
- Welkin’s login page for its Workshop and Care Delivery (Coach) Portals can be found at accounts.welkinhealth.com
- Welkin supports SAML 2.0 based SSO. You can use any IdP (Identity Provider) which supports SAML 2.0
- Once configured SSO will enable you to restrict access to Welkin via your IdP.
- Creation of accounts and configuration of Worker Roles must still be done in Welkin's Admin portal.
Changes to be aware of when enabling SSO:
- To use SSO, your Welkin accounts must be associated with an email address that exists in your IdP. You can't use email@example.com as an account email address if firstname.lastname@example.org is the actual email address in your IdP.
- Any accounts which have email addresses which are not accounts in the IdP will not be able to login via SSO. You can edit these accounts to allow them to continue logging in via Password.
- Welkin will work with you to migrate any existing accounts with email addresses that do not match your IdP.
- Important Note: Super Admins are responsible for keeping your Welkin environment secure with SSO functionality. You should be using secure passwords and granting password based access only to those accounts which explicitly need it to perform their role.