Sophos sign-in settings

You can allow your administrators and users to sign in using their Sophos Central Admin email and password, federated sign-in, or both.

Your chosen sign-in settings apply to all Sophos Central products. You can set up custom rules for administrators who need different access.

Requirements

If you want to use federated sign-in, you need to set up a domain and an identity provider. You can assign a user to only one domain and one identity provider. See Set up Federated sign-in.

If you choose to use federated sign-in only as your sign-in option, you need to know the following:

• You must ensure that all your administrators and users are assigned to a domain and have an identity provider.
• Administrators and users can't reset their passwords. You need to turn off federated sign-in only so that they can reset their passwords.
• If you change to using Sophos Central Admin email and pasword only, administrators and users won't have a password set up that they can use to sign in. They need to use "Reset Password" to set a new password and sign in.

Set up Sophos sign-in settings

To choose how your administrators and users sign in, do as follows:

1. Go to Global Settings > Sophos sign-in settings.

   

2. Choose how you want your administrators and users to sign in.

3. Add custom sign-in rules for specific administrators, if required.
4. Click Save.

The options you choose here affect what your administrators and users see when they sign in. See Sign-in options.

Add custom rules

You can set up custom rules for administrators who need different access.

To do this, do as follows:

1. Go to Global Settings > Sophos sign-in settings.
2. Click Add custom rule.
3. Add the administrators you want to make a custom rule for to Selected Users.

4. Choose how you want them to sign in and click Save.

   

The rule appears in Sophos sign-in settings. It shows the name of the administrators and the sign-in settings that apply to them.