Identity Providers

Twingate supports Google Workspace for all product plans, as well as a number of popular identity providers in our Business and Enterprise product plans. For detailed setup and configuration steps, select an IdP from the section below.

Twingate can allow users to be automatically added or synced from a linked identity provider’s user directory, while also allowing users who use social logins (e.g. Google or LinkedIn) to be manually added by an admin. This can be useful if you need to provide access to external parties like contractors who don’t have accounts that are managed through your identity provider. To enable this functionality for your Twingate account, please Contact Us.

Changing the Identity Provider

If you wish to change the identity provider linked to your Twingate account, you can do so via the Identity Provider page under your account’s Settings. From the options on your configured identity provider, you can disconnect the integration. When the identity provider is disconnected, all users and synced groups will be removed. You will be required to input an email address of the new user that will be set as the admin. This user must be able to log in via one of the supported social login options (Google, Microsoft, Github, or LinkedIn).

After you disconnect the identity provider, you can re-authenticate into the Admin Console via the email address you inputted. To set up a new identity provider, you can navigate back to the Identity Provider page.

Offboarding Users

There are situations where you will need to offboard users from your Twingate account. When using an enterprise identity provider, the offboarding process involves managing the user within the IdP and ensuring that changes are synchronized with Twingate. For more information on offboarding users, see the Offboarding Users page.

Twingate Universal 2FA

Regardless of your identity provider, we recommend using Twingate’s native 2FA functionality. This enables precise control over when a two-factor challenge is issued, allowing 2FA to be applied to any network resource with no application configuration required.

Instructions on setting up native Twingate 2FA can be found here.

Last updated 1 month ago