The following explains how the Single Sign-On experience works for different users of 6clicks.
Regular Users
Normal users of 6clicks will be directed to sign with the Single Sign-On Identity Provider if their email address domain and selected team match the configuration.
They will not be able to login with a password.
When they login, their profile and roles may synchronize with the Identity Provider due to Just-In-Time Provisioning.
If the user is deactivated in the Identity Provider, they will no longer be able to login to 6clicks.
Advisors
Advisors cannot login directly to a spoke, with or without Single Sign-On.
Assessment Respondents
6clicks has the facility to invite someone to respond to an assessment, who is otherwise not a regular user. There are two possible scenarios:
- The respondent is internal to the organization, with an email address domain matching that configured for Single Sign-On. Internal respondents are directed to login using the configured Identity Provider.
- The respondent is external to the organization, and their email address domain is not listed in the Single Sign-On configuration. External respondents are directed to create a password and will subsequently use the password to login.
Risk Owners who are not users
You may wish to assign Risk Owners who are not regular users of the 6clicks system. In this case, there are two possible options:
- Create the user through the 6clicks administration section. You can then de-activate the user so they cannot login and do not receive notification email.
- Create a User Group that describes the Risk Owner. You could name the group to describe the owner's position, department, or even their individual name. User Groups can be assigned as Risk Owners.