SSO and Forced SSO

Forced SSO and Domain Restrictions are security features that ensure that only the right people have access to your Alyce dashboard. 

What is single sign-on (SSO)?

Single sign-on is a technology that combines several different login screens into one. It's convenient for users and more secure for companies. 

At Alyce, we allow our customers to log in through SSO using MS Office, Google, or Okta. 

Forced SSO ensures that users use single sign-on to log in by restricting username and password access. 


Instead of logging into Google, Evernote, Jira, and Alyce, wouldn't it be nice to log into one application and then have access to your others?

That's what single sign-on (SSO) allows users to do on many SaaS applications. It's super convenient for users who no longer need to remember several credentials every time they need to log into an application. 

It's quick, convenient, and removes the likelihood of needing to recover passwords. 


Forced SSO is also considered to be more secure. It's much easier for IT teams to ensure better password policies (like periodic resets), enable multi-factor authentication, and enforce password re-entry when a certain time passes. 

Because of the single-point credential management.

SSO vs. Forced SSO

What is the difference?

With SSO, we allow end users to choose between using a password and Single Sign On. With Forced SSO, users are unable to use a password; they need to use SSO to access the app. 

SSO is shown on the top part of this login screen, where you can click to sign in with Google or MS Office. This is the Okta SSO screen.

Okta SSO

To enable Okta SSO, please see the Okta Integration Guide

What are Domain Restrictions?

Domain restrictions are a security functionality that allows organizations to restrict access to their Alyce dashboard unless the user's email domain is approved.

It helps ensure that team admins invite no one outside of the organization.

To learn how to set up Domain Restrictions, click here


With Domain restrictions, people will not be able to log into the Alyce platform unless they have a domain that has been whitelisted. 

This ensures that team admins will only send Alyce platform invitations and allow access to people within the organization. 

Please note: 

  • If there are several different users on several domains, each domain will need to be added to ensure everyone can access the dashboard. 
  • If using domain restrictions, third-party consultants will not be able to access the dashboard unless the domain has been approved.

This can be used in conjunction with Forced SSO so that someone needs to use SSO to access the dashboard and can only access it if their email has an approved domain.

Still need help? Contact Us Contact Us