Frequently Asked Questions

Single Sign-on

Single Sign-on

If your question is not addressed below, please contact us through our support form and we'll get back to you shortly.

What is Single Sign-on?
How do I set up single sign-on (SSO) with IDrive?
How do I configure my IDrive account for SSO?
How can I enable SSO for my sub-account users?
Can I configure my own identity provider for SSO?
If I disable SSO, can my sub-account users still access IDrive?
How do I link my computers and mobile devices?
How do I sign in to my SSO enabled account from the IDrive desktop application?

What is Single Sign-on?

Single Sign-on (SSO) is a one-step user authentication process. If you are the admin of an Enterprise account, you can allow your sub accounts to access IDrive by signing in to a central identity provider.


With single sign-on (SSO), you can put the identity provider you already trust in charge of authentication, and your sub accounts can access IDrive without another password to manage.

How do I set up single sign-on (SSO) with IDrive?

If you have subscribed to the IDrive Enterprise plan as an admin, you can enable your sub-accounts to access IDrive by signing in to a central identity provider. To set up SSO with IDrive, you need to first configure your identity provider and then configure SSO in IDrive.

How do I configure my IDrive account for SSO?

To configure SSO,

  1. Sign in to idrive.com with your 'Username' and 'Password'.
  2. Go the 'Dashboard' tab, and click 'Settings' on the LHS.
  3. Click 'Security' and go to 'Single sign-on' section.
  4. Enter the URLs and add the X.509 certificate received from your IdP.
    Note: X.509 certificate should only be in .pem or .cer format.
  5. Click 'Configure Single Sign-On'.


How can I enable SSO for my sub-account users?

You can enable SSO while creating sub-accounts. Just ensure that the user credentials associated with the identity provider are mapped with your sub-account usernames in IDrive.


To create an SSO enabled Sub-account,

  1. Sign in to idrive.com with your 'Username' and 'Password'.
  2. From the 'Sub-accounts' tab, click . The 'Create Sub-account' screen appears.
  3. Enter 'First Name', 'Last Name', and 'Email Address' of your sub-account.
  4. Select the 'Single Sign-On' checkbox.


  5. Allocate storage space and click 'Create Sub-Account'.

Alternatively:

  1. Sign in to idrive.com with your 'Username' and 'Password'.
  2. On the 'Dashboard' tab, click .


  3. Select 'Add Users' from the list. The 'Add Users' screen appears.
  4. Enter 'First Name', 'Last Name', and 'Email Address'.
  5. Select the 'Enable SSO' checkbox.
    Note: If you select the checkbox, you won't be able to set the password.
  6. Click 'Add User'.

Note: SSO enabled sub-account users cannot update the email address, reset or cancel their account.

Can I configure my own identity provider for SSO?

Yes, you can configure your own identity provider for SSO along with a set of parameters as described below:

  • IDrive uses SAML2 with the HTTP Redirect binding for IDrive to IdP and expects the HTTP Post binding for IdP to IDrive
  • While configuring with SAML, use the following two URLs and save the changes.
    - Single sign on URL - https://www.idrive.com/sso/process
    - Audience URL (SP Entity ID) - https://www.idrive.com/sso/metadata
  • Your identity provider may ask if you want to sign the SAML assertion, the SAML response, or both

If I disable SSO, can my sub-account users still access IDrive?

In case an admin disables single sign-on for a user, the admin will need to set a new password for that sub-account user. Once done, the sub-account user must sign in to the IDrive account with their username and new password, on all the relevant devices to continue with the backups.

How do I link my computers and mobile devices?

All computers and mobile devices that are currently linked to IDrive accounts will continue to work as normal. However, if users need to relink a device or link a new one, they'll need the latest versions* of the desktop application and mobile app in order for single sign-on to work. If they haven't signed in to your identity provider, they'll be automatically redirected to do.


* Note: SSO is supported for IDrive Windows application version 6.7.1.17 and higher / Mac application version 3.5.2.5 and higher / iOS app version 4.1.4 and higher / Android app version 4.1.15 and higher.

How do I sign in to my SSO enabled account from the IDrive desktop application?

Once the admin enables SSO for a sub-account user, they can use the IDrive desktop application to sign in.

To sign in via SSO,

  1. On the 'Sign in' screen, click 'Single Sign-On (SSO)'.

  2. Enter 'Username / Email' and click 'Sign in'. You will be redirected to IdP web sign in page.
  3. Enter the username and password registered with IdP, when prompted to enter credentials.

Upon successful validation of user identity, you will be prompted to go back to the desktop application and you can now continue using your IDrive account.


To switch and sign in from another SSO-enabled account,

  1. Logout from your SSO account.
  2. Click against 'Username' on the SSO sign in screen.
  3. Click 'Yes' in the confirmation popup to switch to another SSO account.


1-818-485-4333