As part of our ongoing commitment to security, we are excited to announce support for Single Sign-On (SSO) and new user access levels.

With SSO and new user access levels you can:

  • Centrally manage your policies for authentication and access

  • Enforce policies like two-factor authentication and password rotation

  • Grant users read-only access to your workspace

These new features are now available to all customers on a Business plan.

Enforce authentication and access policies with Single Sign-On

SSO lets you use your existing SAML-based identity provider (such as Okta, OneLogin, or Duo Access Gateway) or GSuite to centrally enforce your policies for authentication and access in Segment.

We’re pleased to share that you can enable SSO through a self-service workflow. Check out the docs to see how easy it is to get set up today.

Control access to your account with new user access levels

Customers on a Business plan can now manage access to their account by assigning team members to one of three roles: Owner, Source Collaborator, or Read-Only Member. With the latest upgrade, you can let team members access your account to view your Schema or use the Debugger to troubleshoot tracking issues while limiting their ability to add new Sources or Destinations.

To help you select which role is right for each Segment user in your workspace, here is an overview of each role:

  • Owner: Owners have read/write access to all settings and Sources inside of a workspace. Owners can add or delete Sources and Destinations, update billing settings, add new team members, and more.

  • Source Collaborator: Source Collaborators have read/write access to all data and settings for specific Sources only. Source Collaborators cannot view or make changes to other Sources in your account or workspace. They also do not have access to any other workspace, account, or billing details.

  • Read-Only Member: Read-Only Members can view any Source or sub-resource to see their layout, settings, and live data in the Debugger. However, they cannot create or modify any Sources or Destinations. Read-Only Members can also view workspace settings, but cannot modify any settings.

To update your team members’ roles, go to Workspace Settings > Team Settings, and select the appropriate role.

To add a Source Collaborator, navigate to the Settings page for a given Source, and click Collaborators from the left-hand menu.

These updates reflect our ongoing commitment to data security and privacy at Segment, as well as our commitment to making your experience with our product as frictionless as possible.

If you’re a customer on a Business plan, check out the docs to get started with Single Sign-On or to learn more about new user access levels. If you’re interested in managing SSO or user permissions and are on our Team or Developer plan, get in touch!