What is SSO?
With SSO, you can log into your Storable FMS software (Edge, Sitelink, Easy) and the Storable SSO Portal with a single set of secure credentials. This system introduces Multi-Factor Authentication (MFA) to help prevent account compromise attacks.
Does my organization need to implement MFA?
Registering your organization for SSO is optional but recommended for enhanced security and PCI compliance. To comply with Payment Card Industry Data Security Standard (PCI DSS) requirements, your organization may be required to implement Multi-Factor Authentication (MFA). Setting up SSO with MFA allows you to transition your company’s login process to meet this requirement.
The most common category of cyberattacks is called Account Compromise Attacks, in which cybercriminals obtain valid credentials either from the dark web or by tricking individuals into providing them. Once acquired, they can easily log into your systems and access sensitive operational and tenant data.
The most effective way to prevent this type of attack is by implementing Multi-Factor Authentication (MFA). A Microsoft study found that MFA is 99.9% effective at blocking account compromise attacks. It’s also worth noting that, beginning on March 31 2025, PCI DSS requires MFA for any system with access to cardholder data.
How does logging into my software with SSO work?
If you choose to enroll your organization in SSO, your login screen will be updated to redirect users to the Storable SSO dashboard when they click the Sign in button. After clicking Sign in, the SSO dashboard login screen will open in your internet browser. Users will be prompted to set up an authentication method on the first login. At future logins, users will be asked to enter their login credentials and a verification code from their verification method.
If users on your account access more than one Storable FMS (Edge, SiteLink by Storable, or Storable Easy), they can use their SSO User Account to log in to all applicable software.
SSO can also accommodate your company’s identity provider (IdP). If you’d like to use your IdP to establish a login for SSO, or if you are already logging in with SSO and would like to switch to your IdP login credentials, please refer to our help article: Using Your Identity Provider’s Login with SSO.
What should I be aware of before registering my organization for SSO?
Once SSO is enabled for your organization, it cannot be disabled.
If you enable SSO for your organization, it will be turned on for all facilities associated with your Edge, Sitelink or Easy company/account.
SSO offers Multi-Factor Authentication (MFA) and users can utilize one or more of the following methods of authentication: Google Authenticator, Okta Verify App, Security Key or Biometric Authentication, SMS, and/or Email.
Users will be required to complete an MFA challenge every 7, 14 (default), 30, or 90 days.
After registration, all users on your account will be prompted to set up an SSO User Account and MFA method.
You can choose whether SSO is required or optional for current users. All new users will be required to use SSO once enabled. Please note that MFA is required for PCI compliance.
User roles and settings will not change when using SSO. Once SSO is implemented for your organization, users will be created and configured in the SSO portal rather than in your software.
In order to prevent login issues, we recommend whitelisting https://*storable.io with your router and/or the computers you use to access your Storable products.
Pre-Configuration Checklist
- ☐
Identify Your Admin: Designate one person to handle the initial setup. If multiple admins attempt to configure SSO simultaneously, it can lead to login conflicts or widespread login issues.
-
☐
Determine your email strategy. Because you will use an email address as your SSO username, we recommend that you provide every employee with a unique company email address.
Shared Emails: If you use shared facility emails, you must decide on a unique "Username" format for each person (e.g.,
firstname.lastname@yourcompany.com). Note that users with shared email addresses cannot use Email as an MFA method or reset their own passwords.
- ☐
Whitelisting: To prevent technical blocks, ensure your IT team whitelists
https://*.storable.ioon your office network and routers. - ☐
Communicate with your organization: We’ve created communication recommendations and a template to help you communicate with your employees.
Key Configuration Decisions
During the Onboarding Wizard, you will be asked to make the following choices:
Setting |
Options |
Additional Information |
Enforcement |
Optional vs. Required |
Start with Optional and communicate a date it will become required. This gives your employees time to complete registration while ensuring they can still access the system if any issues arise. Once everyone is in, switch to Required. Once you set SSO to required, you cannot make it optional again. New users must always use SSO. |
MFA Methods |
App (Google Authenticator, Okta Verify, Microsoft Authenticator, Authy), SMS, Email, Security Key, or Biometric |
If users will be using an app, encourage your employees to install it in advance. Please be aware that there may be copycat apps in the App Store, and ensure everyone is using the official app. Google Authenticator and Okta Verify are free. |
Challenge Frequency |
7, 14, 30, or 90 days |
The default is 14 days. |
Lockout Policy |
1 to 10 attempts |
Users who get locked out will need to contact an administrator at your organization to regain access. |
Allowed Domains |
Specific domains (e.g., |
Use this to restrict SSO accounts to your company's official email domain. |
What resources are available to help me set up SSO at my organization?
To support you in rolling out SSO, we've put together helpful resources:
📖 Employee Communication: Use our communication recommendations and template to inform your team about SSO.
📖 Admin Setup: Follow the steps to enable SSO for your organization.
📖 Employee Setup: Direct your team to the SSO Enablement Guide for Non-Admins for setup instructions.
📖 MFA Setup: If you're using Okta Verify or Google Authenticator for Multi-Factor Authentication, refer to our MFA setup guide for step-by-step instructions.
📖 User Management: After SSO is set up, learn how to manage users in the Portal.
📖 Troubleshooting guide: If you run into an issue, refer to our troubleshooting guide.
📖 Third-Party Identity Provider Login: Learn how to use your company’s identity provider to log in to Storable.
Enable SSO and configure your settings
Once you're ready to enable SSO, follow the instructions in our article: Enablement guide for Admins.