Setting up and using Single sign-on with optional two-factor authentication

What are single sign-on and two-factor authentication?

Single sign-on (SSO)

Single Sign-on is a secure authentication system that reduces the burden of login for your user because they can sign in to Arbor using their Google or Microsoft school account. We strongly recommend also using two-factor authentication with SSO but this is not a requirement.

Two-factor authentication

Two-factor authentication ensures school staff are the only people who can access their accounts using a code generated on their phone, even if someone else knows their Arbor password. We recommend Google Authenticator as it’s free for our schools, but you can use other authentication applications instead, such as Microsoft Authenticator or Authy. As part of two-factor authentication, you can use IP whitelisting to allow staff to log into the MIS from the school's IP address without needing to complete the second step of the two-factor authentication.


Who can set up these features?

Google or Microsoft Single Sign-On and Two-factor authentication are available for all schools to set up and use no matter what package you've purchased.

You'll need the School: Permissions: View and either the Staff: User Details: Administer or School: General Admin: Administer permissions.


The Guides

We have different guides available, depending on whether you would like to set up Single sign-on with optional two-factor authentication, or just two-factor authentication

To download and view the guide for Google or Microsoft Single sign-on with optional two-factor authentication, click the link below.


Please note that we're not able to help you with any issues you might have with your Google or Microsoft setup If you're having trouble, please contact Google or Microsoft support.


Was this article helpful?
0 out of 0 found this helpful
I'm still stuck!



Please sign in to leave a comment.