Single Sign On (SSO)

LegalServer currently offers integration with the following single sign on providers:

Google Workspace

Microsoft Azure AD


Applicable Regardless of Provider

Setting the Global Enforcement Policy to "Enabled and Required" removes the login fields from the landing page and provides users only with the "Single Sign-On" link:

Setting it to "Enabled" leaves the standard LegalServer Username and Password prompt, allowing a user to bypass the SSO link and login that way (assuming they enter valid credentials).

Break the Glass Account

A common question is how an administrator would get into a site if their SSO wasn't working and "Enabled and Required" is used, thus not showing login fields. You would not be able to.

If desired, a site can use "Enabled", exposing the login fields, but set the password for all but select users to a random, unknown-to-the-users value.