Empuls supports Single Sign-On (SSO) through both SAML 2.0 and OAuth 2.0 standards, enabling employees to authenticate using their existing corporate credentials without managing a separate password.
Secure, Frictionless Access Across Your Workforce
Xoxoday Empuls integrates with your existing identity infrastructure through industry-standard SSO protocols — SAML 2.0 and OAuth 2.0. Employees access Empuls using the same credentials they use across every other corporate application, removing friction from day one and reducing burden on IT teams. There is no additional password to remember, no separate account to provision, and no manual deactivation process when someone leaves the organization. When an employee’s account is disabled in your identity provider, their Empuls access is revoked immediately and automatically.How the Authentication Flow Works
When SSO is configured, Empuls delegates authentication entirely to your identity provider (IdP). The employee clicks “Sign in with SSO,” enters their corporate email, and is redirected to your IdP’s login page. After successful verification, they land directly in Empuls — the entire flow completes in seconds with no additional steps. Empuls is compatible with the most widely deployed enterprise identity providers, including Microsoft Azure Active Directory, Okta, and Google Workspace. Any SAML 2.0-compliant IdP works without custom development.A Real-World Example
Consider an organization that uses Microsoft Azure Active Directory as its identity provider and Microsoft Teams for day-to-day collaboration. With Empuls connected to both, employees authenticate once through Azure AD and access Empuls directly from the Teams sidebar — no second login, no separate password prompt. For organizations running Workday or SAP SuccessFactors for core HR, SSO keeps the identity layer consistent across the entire HR tech stack, including recognition and rewards workflows.Compliance and Security Benefits
SSO is a foundational control for organizations operating under ISO 27001 or SOC 2 Type II frameworks. Centralizing authentication means all login events are captured in a single audit trail, access policies are enforced uniformly, and deprovisioning is instantaneous when an employee exits. It also narrows the attack surface. Employees do not create weak or reused passwords for a secondary tool. Multi-factor authentication enforced at the IdP level applies to Empuls access automatically, with no additional configuration required inside Empuls.Administrator Setup
Configuring SSO in Empuls is handled through the Empuls admin console by your IT or People Ops administrator. Setup requires your IdP’s metadata URL or XML file and typically completes in minutes. Once live, SSO applies automatically to all users in the configured domain. For organizations with multiple entities or subsidiaries, Empuls supports domain-based SSO configuration, allowing different business units to authenticate through different identity providers from within a single Empuls instance. Learn more: Empuls Help Centre — Single Sign-On (SSO) IntegrationHRIS Integrations
Sync employee data automatically by connecting Empuls with Workday, Darwinbox, SAP SuccessFactors, and other HRIS platforms.
Microsoft Teams Integration
Send recognition, rewards, and engagement nudges directly inside Microsoft Teams so employees never have to leave their workflow.