Authentication > Integrate Azure AD SSO
Authentication and SSO
Tallyfy provides free Single Sign-On (SSO) integration for all customers on paid plans. Connect to your existing corporate identity systems in about 30 minutes.
Your team members use their company credentials from Microsoft Azure AD, Google Workspace, Okta, OneLogin, or other enterprise identity providers to access Tallyfy.
Paid plans include optional SSO-only enforcement settings that require everyone to authenticate exclusively through your designated identity provider.
Strategic Benefit | Description |
---|---|
Security | Use your organization’s existing security policies and multi-factor authentication for Tallyfy access |
User Experience | Users log in with their corporate username and password |
Access Control | Manage all Tallyfy access permissions from your identity management system |
Account Provisioning | New users automatically get Tallyfy accounts on first SSO login |
Security Policies | Enforce the same authentication rules (password complexity, session timeouts) across all systems |
IT Support | Eliminate password reset tickets and simplify user account management |
SSO authentication creates legally defensible audit trails that can replace traditional e-signature solutions for internal company approvals.
Traditional e-signature challenges:
- Additional cost per signature/user
- Separate system to manage and train
- Workflow interruption (leave Tallyfy, sign document, return)
- Limited integration with process tracking
SSO-based approval advantages:
- No additional cost: Included with all paid Tallyfy plans
- Identity verification: Corporate SSO confirms the approver’s identity through company authentication
- Audit trail: Every approval logged with timestamp, user identity, and IP address
- Workflow integration: Approvers complete their task without switching tools
- Legal compliance: SSO authentication meets requirements for internal corporate approvals in most jurisdictions
Common use cases for SSO-based approvals:
- Purchase order approvals
- Internal policy acknowledgments
- Budget authorizations
- Project sign-offs
- Compliance confirmations
- HR document approvals
Organizations can require all users to authenticate through corporate SSO. Tallyfy can lock down access so SSO becomes the only authentication method.
- Standard authentication disabled: Email and password logins disabled organization-wide
- Identity provider provisioning: All users must come through your corporate identity provider
For technical details and security implications, see Compliance documentation on Mandatory Single Sign-On.
To enable “SSO only” mode, contact Tallyfy support.
SSO login process:
- Organizational portal: Users access a customized Tallyfy login link for your organization
- Identity provider redirect: Tallyfy redirects to your company’s login portal (Azure AD, Google Workspace, etc.)
- Corporate authentication: Users enter work credentials and complete multi-factor authentication
- Return to Tallyfy: After authentication, users are automatically logged into Tallyfy
- Account provisioning: First-time users get accounts created automatically using identity provider data

Tallyfy supports these enterprise identity management systems:
Microsoft’s enterprise cloud identity and access management platform. Includes conditional access and multi-factor authentication.
Google’s identity and productivity platform for businesses using Gmail, Drive, and other Google tools.
Google Workspace Setup Guide →
Cloud-based identity service specializing in enterprise SSO.
Identity and access management platform with SSO capabilities.
Any identity provider supporting SAML 2.0 can be configured. Contact support to verify compatibility.
- Administrative access: Admin rights in both Tallyfy and your identity provider
- Configuration exchange: URLs, security certificates, and metadata exchange between systems
- Attribute mapping: Configuration for user info (email, name, role) flow from identity provider to Tallyfy
- Testing: Test with different user types before company-wide rollout
- Select provider: Choose the setup guide for your identity system (Azure AD, Google, Okta, or OneLogin)
- Contact support: Reach out to Tallyfy support or your account manager
- Configure identity provider: IT team handles technical configuration
- Test authentication: Test with users from different departments and roles
- Deploy: Notify your team about the new login process
Authentication > Integrate OneLogin SSO
Authentication > Integrate Okta SSO
Authentication > Integrate Google Workspace
- 2025 Tallyfy, Inc.
- Privacy Policy
- Terms of Use
- Report Issue
- Trademarks