Single Sign-On (SSO) allows your staff and ambassadors to log in to TAP using their existing university credentials. This improves security, reduces the need for separate accounts, and makes it easier for users to access TAP.
Steps to configure SSO
-
Log in to your TAP admin dashboard.
-
Go to Settings > Integrations.
-
Under Configure SSO, select your provider from the dropdown menu:
-
Microsoft Azure AD
-
Open ID Connect
-
SAML (Custom)
-
Provide the details of the configuration that match what you have set on IDP:
-
-
Enter the required details for your provider (your IT team will supply these).
Organisation name
-
Use only symbols (no spaces) in organisation name (“_” can’t be used).
-
Name can’t be changed after you activate SSO
-
Organisation name will be shown on the authorisation pop-up like 'Your-organisation-name' For ambassadors you.
Metadata
For Azure
MetaData URL: App Federation Medatata URL (in Azure terms)
For SAML
Metadata:
Upload Metadata that you have downloaded from your provider
-
-
Click Activate SSO to complete the setup.
Once enabled, your staff and ambassadors can log in using their university accounts.
🚫 Don’t click on SSO ONLY access until you are done with testing and have ensured that SSO is working for you and you can access both dashboard and a mobile app using both SSO and non-SSO credentials.
⚠️ After the configuration is complete you can log into the application using both SSO and non-SSO powered credentials that you may have had before the configuration.
ℹ️ When you are done with testing (see above), you are able to turn on SSO-only access. You will be logged out immediately and you will need to log in again using SSO credentials.
Tips for success
-
Work with your IT team to configure SSO correctly — they will have the necessary access and credentials.
-
Make sure you test SSO with a small group of users before rolling it out widely.
-
If staff or ambassadors can’t log in, check that their university email domain is correctly configured.
-
You can disable SSO at any time in Settings > Integrations if needed.
Why use SSO?
-
Improved security – users log in with existing institutional credentials.
-
Simplified access – no need for multiple logins or passwords.
-
Consistency – users can move across TAP applications without logging in again.
Any questions please get touch with us. We'd also be happy to have a quick 15-30 minute call to help anyone who requires additional help.