Cardholders may find other articles in the Getting started section to be more applicable.
Overview
At Ramp, we care about making security a core part of the user experience. To that end, we make it very easy for Admins and IT admins to set login controls to ensure that users are only logging into Ramp using approved login methods.
Jump to:
Setting login controls
You can enable and disable login methods for your employees based on their user roles by clicking Login methods. We strongly recommend requiring SSO for all user types except for Guest users. Guest users will always be allowed to log in with email and password; you can enable other methods for Guests, but password login cannot be disabled.
Once you have enabled multiple login options, you can remove Password by clicking the x to the righthand side of the pill. Note that every user role must have at least one login method enabled. In the below example, Cardholders and Bookkeepers can only log in with Okta SSO, while IT admins, Admins, Owners, and Guests have the additional option of Password.
Creating an exception list
There may be certain individual users who should retain access to password, even if their role has password removed as an approved login. Now you can easily add individual names in an exception list on the second tab of the login control panel. This could be useful for higher-importance individuals, or external users who might not have access to your company's single sign-on (SSO) protocol.