What is Single Sign-on (SSO) and how does it benefit me?

Single Sign-on is an authentication process that allows you, the user, to access multiple applications with one set of login credentials. You may have seen this utilized already within your company, through Microsoft SSO for example, as its use is common in an enterprise setting. SSO features multiple benefits; specifically, here are some ways it can optimize your experience as a user:

  • Elimination of credential reauthentication; saving time, improving productivity and streamlining workflow.
  • Reduction in phishing risks.

How to use SSO:

Once enabled by your System Administrator, the familiar Opus 2 Login Page will now display a new icon: “Single Sign On.” Clicking on this icon opens a new tab on your browser within which you will be prompted to enter the login details for the SSO your System Admin has enabled. These may be the same as your current enterprise login or may be an entirely different set of credentials – please contact your System Admin to confirm which details to use.

Password resets will also now take place through your SSO standards, and you will be unable to utilize the Forgot your Password link on the login page. You will need to contact your firm’s internal IT support for further assistance.


Note: If you find a new tab does not open – check to see whether your browser is allowing pop-ups from Opus 2. Disable any pop-up blockers, if necessary. 

System Admins: How can I manage SSO?

SSO settings for your platform can be found within the System Admin page, within the Authentication tab.


SSO is not automatically activated with your server’s upgrade. Should you choose to enable SSO, please contact Opus 2 US Support, who will guide you through the process for your instance. Opus 2 Support will first need to set up Keycloak for SSO to become effective on your server.

Following successful setup, you can choose the login policy to be utilized on the platform, whether the preference is SSO only, standard login credentials, or both. You can assign a different login policy on a per-user basis. This can be done from the System Admin > Users page.