SSO - Add SAML authentication support
Implementing SAML for authentication to allow businesses to manage the identities themselves such as businesses that connect their identity provider to LDAP
Purpose: Allow staff to login easier and depending on the identity provider setup securely.
Geoff Boyce commented
How is this not a feature yet? This was one of the most highly voted and longest running feature requests. Years have passed by with promises that this feature was on the roadmap and still nothing.
I find it astounding that with the launch of “product ideas”, all previous feature requests and voting had been wiped clean. Prior to that was the removal of dates for people’s comments to hide just how long people had been asking for these features. There really isn’t any point having a user feedback community if you simply don’t want to listen.
Adrian Bole commented
Or business is all about identity and security and sso is one of the things we recommend to our customers. It’s good for us if we can practice what we preach and can boat our own security with MFA when Xero doesn’t always provide it.
Ashley Knowles commented
why isn't this implemented yet?
Marina Levi commented
supporting SSO and user provisioning and allow gallery predefined AzreAD integration will allow customers to perform IdP management by themselves and reduce pressure from Xero team. So it's not benefit customers only but helps to save time for Xero-own eng team.
Also, supporting SAML - means supporting modern standards (reputational/brand-related) for Xero.
Please implement saml based sso and user provisioning!
Nathan Morris commented
How is SAML authentication support not a thing yet?
Brandon Witzig commented
Extremely important feature. SSO is critical to make sure we are compliant with on/offboarding of users
Matt Batchelor commented
We've been using app-based MFA but being able to use something like duo.com for backups, resets and push notifications (i.e. fido2 key and/or mobile app) would make support a lot easier for small firms.
Andrew Wallace commented
At least a single SSO option (SAML, OAUTH, etc) for external IDPs (o365, Okta, OneLogin, etc) to authenticate should really be a basic feature for business software...in >2020
Niklas Restle commented
Very weird that this isn't supported.