Single Sign On (SSO)

How to set up SSO for DroneDeploy

DroneDeploy supports Single Sign-On with most identity providers, including Google, Active Directory, LDAP, and SAML, and many others. 

Each of these connections creates a different workflow, some more complicated than others. Depending on these factors, SSO can take some time to implement. Please connect with your account manager and/or our support team to discuss your connection options.

How to sign in with SSO

Once you have implemented SSO for your organization, users in this account will now be asked to use Single Sign-On. Simply choose the Continue with SSO option at the bottom of the login screen:

Then, enter your email address.

If you are already logged in via your organization's identity provider, you will be directed straight to DroneDeploy. If not, you will be directed to login with your identity provider to confirm your credentials.

Sign-up experience for new users for organizations using SSO

If a new user tries to sign up to DroneDeploy using an email domain that is associated with an organization that has enabled SSO, the new user will be directed to sign in with SSO, and then if it's their first time signing in, they will complete the sign-up form shown below. 

This user will also automatically be associated with the organization and will have Member permissions and assigned Viewer license by default unless the admin sets up different rules for all new SSO users in the security section.

If a new user has an account that is associated with an already active SSO domain, upon sign-up they will be redirected to the SSO landing page and prompted to enter their login credentials. They must use the same username/password for the associated SSO domain. (In this case, the password the user must enter upon sign-up is not relevant).

Multiple Domains

If your organization uses multiple domains/aliases through your SSO iDP, please alert cse@dronedeploy.com and we can assist in setting up more than one domain for log in.

Other Log In Options (Procore and AutoDesk)

For Procore and Autodesk Single Sign On, choose the option listed in the sign in screen:

For mobile sign in, find this under "Other Sign In Options" for Single Sign On, Autodesk and Procore:

FAQ

When should our Organization set up SSO? 

It is recommended to set up SSO as early as possible. The sooner it's in place, the easier it is to maintain accurate user permissions and avoid the need to manually correct improperly invited users.

Does DroneDeploy support OIDC (OpenID Connect)?

Yes, please reach out to your Account Rep or support@dronedeploy.com for more information!

Can we make SSO optional?

Yes, reach out to us to set up your organization to also allow standard login members.

Why are some members of my company still shown as "External" Users?

Once SSO is enabled, any new users who register with your domain will automatically be added to your Organization in DroneDeploy—as long as they have never logged into DroneDeploy before. SSO does not automatically update the membership status of existing users. If a user was previously classified as “external,” you will need to manually invite them to your Organization using the User tool in the Organization settings.

What happens if multiple domains have been added as "members"?

All “member” domains must be included in your SSO configuration for users from those domains to be able to log in.

If certain users have been added as “members” but their email domains will not be added to SSO, those users must be:

1. Removed from the Organization, and

2. Re-added to individual projects as “external” users.