This document provides answers to frequently asked questions about the BrightGauge SSO process.
Why is ConnectWise Single Sign-On (SSO) being enabled for BrightGauge partners?
Multi-factor authentication (MFA) is critical to combat cyber attacks in today’s ever-evolving threat landscape. MFA helps strengthen your overall business security, reduces security risks surrounding user data, improves user experience, and streamlines login processes. Ensuring the security of our products and services is a top priority at ConnectWise, and this begins with streamlining and securing our log-in process.
Is ConnectWise SSO mandatory?
ConnectWise SSO is not currently mandatory for BrightGauge partners. However, to support an elevated partner experience, ConnectWise SSO is being rolled out to all ConnectWise products over time with the end goal of having a true SSO experience with mandatory multi-factor authentication. Enabling SSO for all BrightGauge partners supports this future state and unifies the way partners access their ConnectWise products, providing a seamless experience and enhanced partner and end-client security across the entire platform.
When does this go into effect?
To enable SSO for BrightGauge partners, account migrations for partners will begin in October in incremental batches and is expected to last through February 2023.
Note:All client viewers using your BrightGauge domain to log in will also be migrated automatically, and if you choose to activate ConnectWise SSO, your client viewers must also log in with ConnectWise SSO like other users in your domain.
When will I know when my account has been migrated?
Because we’re taking a phased approach and migrating BrightGauge partners in small groups between October and February 2023, we will be sure to provide advance notice to you when we expect your account migration to begin and inform you when the migration is complete for your account so you can activate SSO if you choose to do so.
Note: While we strive to provide you with the most accurate and timely information, your anticipated migration date is an estimate only and is subject to change as there may be unforeseen circumstances impacting the date of your actual migration. Should we need to adjust your anticipated migration date, we will communicate any changes with you as soon as we are able.
How do I activate ConnectWise SSO once my account has been migrated?
Once we notify you that your account has been migrated, you can activate SSO from your Account Details page in BrightGauge and click on theConnectWise SSO Enabled button.
To access the Account Details page, log in to your BrightGauge account as an admin, then click on your profile picture in the upper right-hand corner, then select Account Details.
If you decide to activate ConnectWise SSO, your two-factor authentication will automatically change to MFA with email as your default. You can change it to an authenticator app from identify access management (IAM) from your ConnectWise Home profile (individual user account) settings. Your clients will also have the option to change MFA from one form of MFA to another (email to authenticator app).
What will change after I activate ConnectWise SSO?
In phase 1, partners who are migrated to ConnectWise SSO would be able to login using ConnectWise SSO after it is turned on for their domain.
Admins still need to invite new users, edit, or delete existing users from BrightGauge. However, ConnectWise Home admins with access to user management will be able to see users in the User & Application Settings of ConnectWise Home.
After you activate ConnectWise SSO in BrightGauge, your MFA will need to change to email instead of SMS and you can set it to either email or authenticator app, which is a setting in the individual user profile in ConnectWise Home.
You can follow the step below to make changes to your MFA.
1. Open ConnectWise Home
2. Click on your user profile, on the bottom, left-hand corner of the screen.
3. Click on Update profile and preferences link.
4. In the Mult-Factor Authentication section, click on the ellipses and change the MFA used.
Do I need to change my username and password?
You do not need to change your username and password as we will port them over when your account is migrated. You may need to update your password if it does not meet the ConnectWise SSO password requirements.
Will my clients need to enable SSO to view reports if I activate SSO?
If your clients use your BrightGauge domain to log in, they are migrated automatically and must activate ConnectWise SSO similar to all users in your domain.
How do clients activate ConnectWise SSO? What should I tell my clients about this change?
If you choose to activate ConnectWise SSO, your clients must also activate ConnectWise SSO. To help you communicate this change to your end users, we’ve provided a sample template you can customize and share with them:
Hi [Partner Client/ End User],
We're rolling out a new technology—ConnectWise Single Sign-On (SSO)—for the BrightGauge platform to help reduce security risks surrounding user data, improve user experience, and streamline IT management and login processes. Both our team at [Company Name] and yours will need to use ConnectWise SSO from [DATE] onward to log in and view your dashboards on BrightGauge.
The process is simple and easy. The next time you log-in to BrightGauge, click on “ConnectWise SSO Log In” at the log-in screen, then type in your BrightGauge username and password.
Please note, if you are an existing user and the password is not working, click on “Forgot Password” to reset your password. Your old password may not be compliant with the new SSO password policy, so you may be required to make this update to your password. If you are new user, you will need to set up your username and password.
SSO is the best-in-class method for log in today, both in terms of security and user experience. We're sure that upon implementation of your new log in method, you will find the experience seamless.
For additional details, please reach out to us at [help desk contact email].
[Your company / Name of company designee]
We hope you find the above information helpful. Should you have any questions or concerns about the above, please reach out to firstname.lastname@example.org.