The November 2024 Nebula update introduces the single sign-on (SSO) feature, streamlining login for users with one set of credentials across multiple applications. This release focuses on integrating with Microsoft Entra ID as the primary SSO provider, with support for additional providers planned for future updates.

Supporting SSO is part of Nebula’s commitment to enhancing security and user convenience. With SSO, users benefit from improved security through centralized authentication. Additionally, SSO saves time by simplifying the login experience and reduces the need for individual credential management.

Key Set Up Requirements

To configure SSO with Microsoft Entra ID, specific details from the provider are required, including:

• Tenant ID
• Client ID
• Object ID

When logging in, users are directed to Microsoft Entra ID, where they will authenticate using their corporate credentials. New fields on the “Firms” page under settings in Nebula support this setup.

Configuring Authentication Methods & Implementation

SSO configuration occurs at the firm-level, with three distinct authentication methods available:

1. Nebula: Nebula manages the authentication by ensuring the entered username and password is the correct combination for the user.
2. SSO Enabled: Firm Administrators can decide at the user-level whether to use SSO or the standard Nebula login credentials.
3. SSO Required: All firm members are required to use SSO.

The user’s IT department must provide and configure the Tenant and Client ID within Nebula. Nebula will generate a redirect URL that the client’s IT team will need to whitelist on their end to complete set up.

User-Level Customization

New fields for managing SSO at the user level allow administrators to specify login details for individual users. The single sign-on checkbox will only be available if the “SSO enabled” option is selected at the firm level. If “SSO Required” is selected, this option is automatically applied and locked.

Bulk User Management

The updated “Authentication tab” on the user screen supports bulk email uploads via CSV for streamlined user management across the firm. Administrators can easily download a CSV from Microsoft Entra ID and upload it to Nebula for a seamless update of all users’ login credentials.

This SSO functionality furthers Nebula’s mission to enhance user experience, providing users with secure and flexible authentication options that support streamlined workflows across the platform.