SSO Only Login - Optional Enhancement

Introducing a new security setting that allows admins to enforce Single Sign-On (SSO) as the sole login method across the entire Eloqua instance. This change enhances security by eliminating credential-based logins and ensuring all users authenticate through your SSO provider, and is an optional enhancement.

When enabled, the following applies:

  • All users must log in via SSO. This setting overrides individual user-level login preferences
  • Eloqua credential-based logins will be rejected
  • Eloqua API calls using basic authentication will be rejected (API calls using OAuth will be accepted) 

   User Login Configuration Screen - Select "SSO Only" Option

User Login Configuration Screen - Select "SSO Only" Option


 

Business Benefit: Reduce the risk of unauthorized access, streamlines user management, and align Eloqua access with your corporate security and compliance policies.

Steps to Enable

You don't need to do anything to enable this feature.

Tips And Considerations

  • New 'SSO Only' setting in your security configuration found under Settings > Security > User Login
    • Admins can choose when to enable it. Once enabled, the enforcement takes effect immediately.
    • This setting is optional and no changes will occur until an admin enables it.
    • User-level login preference is set under Settings > Users > [Select a user]. Under the Login Info section you will find the setting 'User is SSO only?'.
  • You must have an Identity Provider (IdP) configured in your Eloqua instance to be able to turn on this setting.
  • As a best practice, we recommend testing the setting in an Eloqua Sandbox before enabling it in your production environment.    

Key Resources

Access Requirements

Eloqua Administration access only.