Unified Authentication (UA) Access

Unified Authentication (UA) is a password-validation approach that streamlines the verification process by allowing individuals to sign in once with a single set of credentials. Customers using Webflow’s Enterprise Workspace plans can activate UA on their Workspace so all Workspace members can sign in through an Identity Provider (IdP).

Important: UA is exclusively accessible for customers on Enterprise Workspace plans.

This document will cover the following topics:

What does UA entail?
Considerations for UA
How to initiate UA

What does UA entail?

Unified Authentication (UA) validation is a password-validation approach that enables secure access to multiple interlinked applications or systems using a single set of credentials.

The primary advantage of UA is that it allows organizations to centrally manage access to their systems and control the level of access each person possesses. UA simplifies the experience for team members, reduces fatigue from remembering passwords, and enhances organizational security.

Considerations for UA

Team members must first be granted access to Webflow from your designated IdP before they can utilize UA.

Important: Despite UA not being compatible with the Editor, content editors can sign in through UA as Workspace members with editing access in the Designer.

UA implementation

UA can be utilized on Webflow either as an optional or mandatory signing-in method. In cases where UA is optional, Workspace members can log in to your Workspace through IdP or using standard login credentials. If UA is mandatory, Workspace members must go through IdP authentication before accessing your Workspace. They will still be able to access their personal Workspace using standard login details.

If some Workspace members have diverse email domains not administered by your IdP (e.g., freelancers, agencies, etc.), it is advisable to set UA as an optional feature. This guarantees they can continue accessing your Workspace using standard login credentials. UA settings do not impact Workspace guest access.

Real-time Provisioning

Real-time Provisioning is a user management method where accounts are generated dynamically at the point of user authentication. If enabled, Webflow UA can support Real-time Provisioning to automate account creation and Workspace entry.

To prevent unauthorized individuals from being automatically added to your Workspace, it is recommended to combine Real-time Provisioning with UA implementation. Until your IT team grants them access to Webflow via your IdP, unauthorized users will receive an error message indicating they do not have Workspace access and should contact your company administrator.

When Real-time Provisioning is turned on, the following actions take place when a new Webflow user with your UA email domain logs in via UA:

Webflow automatically generates a user account for them if it does not already exist
This user is promptly invited to your Workspace and assigned a seat if they are not yet a member. If there are no available seats in your Workspace, they will receive an error message stating they lack access to the Workspace and should reach out to your company admin

Deactivation

Upon revocation of a user’s Webflow access by your IdP, they will be unable to use UA to access Webflow. As Webflow currently does not support directory synchronization or SCIM, the Workspace Owner or Administrator should remove the user from your Webflow Workspace after revoking their access through the IdP to free up their seat.

Supported UA Configurations

SetupWorkspacesDomainsIdentity Providers (IdP)Supported by Webflow?

“Standard”1 Workspace1 domain in 1 Workspace1 IdP organization for 1 domainYes

“Multi-domain”1 WorkspaceMultiple domains in 1 Workspace1 IdP organization for all domainsYes

“Multi-Workspace”Multiple Workspaces1 domain across all Workspaces1 IdP organization for all domainsYes

“Multi-IdP per customer”Multiple WorkspacesMultiple domains (1 per Workspace)Multiple IdP organizations (1 per domain and per Workspace)Yes

“Multi-IdP per Workspace”1 Workspace1 or multiple domainsMultiple IdP organizations for 1 WorkspaceNo

Supported IdPs

Webflow presently only supports connections via OAuth and SAML. Kindly reach out to our Enterprise sales team to verify support for your IdP.

How to initiate UA

Clients on Webflow’s Enterprise Workspace plans will receive personalized UA setup guides from Webflow’s Customer Success teams. In case you have had your kickoff call but not yet received the UA setup instructions, please get in touch with your Customer Success Manager or Technical Architect to embark on the process.

Author
Recent Posts

Ewan Mak

Webflow Expert at Tenten

Webflow expert and frontend developer with 4+ years of experience. I bring a versatile skillset (HTML, CSS, JS, Figma, Adobe) to craft exceptional Webflow experiences. 70+ projects honed my ability to seamlessly blend custom code and visual development. Organized, deadline-driven, and passionate about growth, I excel in dynamic environments. Let's push boundaries and create something amazing.