Guide to Domain Lock and SSO

If you're using Google Workspace or Microsoft Office 365 for your email service, you have the option to allow anyone with an email address at your domain to log in to Mathison as a Basic User.

Once logged in, you can update their roles and permissions as needed.

How to enable domain lock

ℹ️ Must have Super Manager access

  1. Click on your avatar in the top right corner

  2. Navigate to Organization Settings

    Under Login Settings, click Edit

    Select Invite Only or Domain Lock (SSO)

    ⚠️ Make sure to check your IT policies before turning on Domain Lock. If you don’t have the correct approvals, you might lock your org out of Mathison.

    1. Configure Domain Lock (SSO)
    2. Choose your service provider: Google or Office 365
  3. Click Save

Screenshot 2024-01-26 at 3.00.43 PM.png

⚠️ Note: If you’re upgrading to Domain Lock from Invite Only, any team member that created an account using an email that doesn’t match your domain exactly will need to create an account with an email address at your domain. See Guide to Domain Lock or SSO

FAQ

  • Who can configure Domain Lock/SSO?

    Only EP Admins can configure Domain Lock; Mathison admins cannot do this for you. Also, please note that you must have the Super Manager role.

    Your org’s IT policies may require you to request approval before configuring domain lock.

  • Can I configure multiple domains?

    No, currently you can only configure one domain per org.

  • Where can I find external documentation for Office 365 domain lock?

    Please see Microsoft Identity Platform Authentication Troubleshooting Guide

  • Do you support SAML?

    Not at this time.

  • If I have domain locking enabled, can I still send invitations?

    No, this feature was deprecated and is no longer available.

  • My org was on default login before upgrading to Domain Lock/SSO. Can previous users still log in?

    After configuring domain lock, previous users can still log in with SSO as long as they have accepted their invite and their email uses the same domain.

    Users who created an account using different email domains before domain lock was turned on will not be able to log in. We recommend that you create a new account for these users using the email domain configured to your Mathison org.

  • After creating an account with Domain Lock/SSO, what access or permissions do users have?

    When users log in with Domain Lock/SSO for the first time, their account will be given Basic User access by default. Basic Users can only access the Knowledge Center and Bias Scanner.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us