Skip to content
English
Contact us
  • There are no suggestions because the search field is empty.

ComplyHero SSO setup

If you want to use Single Sign-On (SSO) with ComplyHero, we offer the following options:

  • SCIM provisioning

  • SSO sign-on

  • JIT provisioning with mapping of custom fields (limited by your Active Directory)

Since the ComplyHero and ComplyCloud SSO connections are shared, please contact us before setting it up to avoid potential duplicate configuration work.

SCIM Provisioning

The setup process for SCIM provisioning in ComplyHero follows the same procedure as in ComplyCloud, with a few exceptions:

  1. Before starting, ComplyHero must be enabled for your account.
    Please contact us to request activation.

  2. Once enabled, you can begin the setup. Under App Roles, you’ll now see the role “ComplyHero.”

  3. When a user is provisioned with the ComplyHero role, they will automatically receive an invitation to ComplyHero and be added to your department.

If you want to further automate how users are organized based on information from your Active Directory (AD), you have two options:

Option 1 – Department-based placement

If information is specified (and provisioned) in the department field
(urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:department) through AD, the user will automatically be placed in the department that matches that name exactly. If no match is found, the user will be placed in your main department.

Option 2 – Group-based mapping via JIT provisioning

If you need to define additional data points or group memberships, these can be configured using Just-In-Time (JIT) provisioning, where we can set up claims and fields to automatically assign users to groups. Please note that with this method, user data is only updated when the user logs in, as JIT provisioning is triggered at sign-in.