Skip to main content

Celonis Product Documentation

Celonis ID FAQs

Q: A user can’t access all the teams shown in their team selection. What’s happening?

A: Some of their teams may not be using Celonis ID but an SSO solution provided by your organization instead.

If SSO bypass is turned:

  • Off, the user won’t be able to access these teams using Celonis ID but should be redirected to their your company’s SSO sign in instead

  • On, the user will be able to access their teams using their Celonis ID

 

Q: If I want to set up a new SSO (Company SSO), will I still do this in the team?

A: Yes.

Q: Will SAML-JIT change with the implementation of Celonis ID?

A: If “Allow bypassing via login form” is:

  • Disabled, Celonis ID will have no effect on SAML JIT

  • Enabled, creating new users/memberships and assigning groups automatically will be unaffected but any users signing in using Celonis ID will have their profile updated to reflect the name, language and timezone in their Celonis ID

Q: If SSO bypass is enabled for a team, how will this work with Celonis ID?

A: The bypass URL won’t change and will still be accessible using Celonis UI/Login. However it will now redirect users to Celonis ID instead of Celonis UI/Login. As we can’t currently limit the bypass to specific users only, this means all team members will be able to sign in using Celonis ID. 

We’re currently working on functionality that will introduce controls at individual user level; in the meantime, we suggest disabling this feature if you want to stop this behavior.