TextExpander And Single Sign-On (SSO)

TextExpander supports Single Sign-On (SSO) via the SAML (Security Assertion Markup Language) protocol.

SSO allows a user to sign in to multiple services using one set of login credentials managed by an identity provider such as Okta or OneLogin.

Companies with a large number of permanent and temporary staff choose SSO because it enables them to easily give and revoke access to systems and services.

Here’s what happens when you set up SSO for TextExpander:

  • Users access TextExpander via their IdP SSO dashboard or Portal.
  • New users can’t create individual accounts on TextExpander.com using their work email address
    *Requires Domain and Single Sign-On (SSO) settings configured to be mandatory within the TextExpander settings.
  • Admins can deactivate users’ accounts from the SSO dashboard*.
    *Only if the organization use SCIM-based user provisioning.

Turning on SSO requires having a Closed TextExpander Organization. If you created your TextExpander Organization prior to June 13, 2019, then you will need to transition it to Closed. Learn more about Closed Organizations.

Closed vs. Open Organizations

Prior to June 13, 2019, all organizations created were Open.

Open Organizations have no control over user accounts. Users create individual TextExpander accounts and can opt to join the Organization. Users own all the Snippets they create.

Organizations are Closed for full ownership and control of user accounts. This gives the Organization Admin access to all user activity data.

With SSO, users can:

  • Sign in to TextExpander with their company email address. No separate password is necessary.
  • Start using TextExpander with the account the Admin already set up for them.

With SSO, admins can:

  • Easily onboard new users. 
  • Give users access from their SSO dashboard. 
  • Pre-populate users’ accounts with Snippets.

See How Do I Set Up SSO? for instructions on how to set up SSO for your company.