Single Sign-On (SSO) lets everyone on your Enterprise team log in to SurveyMonkey using your organization’s corporate login credentials.
SSO removes the need to maintain a separate SurveyMonkey username and password. Your organization can control who can access your SurveyMonkey team and create authentication policies for increased security.
SurveyMonkey’s SSO solution follows the SAML 2.0 specification and is Service Provider (SP) initiated.
After your organization purchases SSO, your CSM will contact your team’s Primary Admin to start the setup process and connect with your IT department. We recommend waiting to invite people to your Enterprise team until SurveyMonkey confirms that SSO is set up properly.
Here's a high-level breakdown of what to expect when setting up SSO:
Enter SurveyMonkey's metadata XML info into your SAML IdP (if you store your team's data in the European Union, contact your CSM for a different file). You can map attributes from your IdP with the claim types SurveyMonkey accepts.
Send SurveyMonkey your organization's metadata URL. If you’re unable to send the metadata URL, provide the XML file. We'll set up SSO in our system and send you steps to validate that it's working correctly.
We need the following from you:
SurveyMonkey will set up SSO in our system and send you steps to validate that it's working correctly.
If you want to restrict some employees from accessing your team, you can use Active Directory to permit or deny claims on the IdP side.
The first time you log in to an SSO enabled SurveyMonkey account, choose to Create a new account or Convert an account.
After that initial login, you're all set up to log in to SurveyMonkey or the SurveyMonkey app with SSO.
To log in using SSO:
Please contact your IT department or network admin to:
Below are common errors with potential solutions to help resolve them.
You can use Respondent Authentication to send more secure internal surveys and track the people taking your survey with SSO metadata.
Respondent Authentication on the Web Link collector requires survey takers to log in through SSO to access your survey.
Responses are tracked with their SSO metadata—first name, last name, and email address. It isn't possible to make responses anonymous when Respondent Authentication is turned on.
Respondent Authentication is for surveys taken on personal devices—don't enable Respondent Authentication on a public or shared device.
To turn on Respondent Authentication: