Security · Basics · Explainers
What is single sign-on (SSO) in a CRM, and why does it matter?
The short answer
Single sign-on lets users log into a CRM using credentials from a central identity provider, like Google or Microsoft, instead of a separate CRM password. It matters because it centralises access control — when someone leaves the company, revoking one login removes their access everywhere, including the CRM.
Every extra password a company manages is an extra way for access to go wrong — a former employee’s login never revoked, a shared password nobody remembers to rotate, a weak password reused from somewhere else. Single sign-on exists to collapse that sprawl into one identity, one place to grant access, and one place to take it away.
What is single sign-on?
Single sign-on (SSO) lets a user log into multiple applications, including a CRM, using one set of credentials managed by a central identity provider — commonly Google Workspace, Microsoft Entra ID, or a dedicated provider like Okta. Instead of a separate CRM username and password, the CRM redirects the login to the identity provider, checks the response, and signs the user in if the identity provider confirms who they are.
The user experience is simpler — one login for everything — but the real value is administrative, not convenience.
Why does it matter more than it sounds like it should?
The benefit shows up most clearly at the moment someone leaves the company:
| Without SSO | With SSO |
|---|---|
| Admin must remember to deactivate the CRM account separately | Deactivating the central identity revokes CRM access automatically |
| Password strength varies per person, per tool | Password policy is enforced once, centrally |
| No single view of who has access to what | Identity provider shows every connected app per user |
| Multi-factor authentication configured per tool | MFA enforced once, applies everywhere |
This is the access-control equivalent of what role-based access control does for permissions inside the CRM — SSO controls whether someone can get in at all; RBAC controls what they can do once they are in. Together they answer both halves of “who can touch this data.”
Does a small team actually need it?
Not always immediately, but the threshold is lower than most teams assume:
- Any team storing sensitive customer data benefits from SSO regardless of size — it is one of the cheapest controls available, and it directly supports the case that your CRM data is safe.
- Teams with regular staff turnover get the most concrete benefit, since offboarding is where manual access control fails most often.
- Very small, stable teams with few tools and careful offboarding habits can reasonably delay it, though the cost of adding it later is low enough that waiting rarely saves much.
Most CRMs gate SSO behind a higher-tier plan, so the practical decision is often about cost as much as need — weigh it against the real risk of a missed offboarding step, which tends to be higher than it feels in the moment.
What should you do next?
If your CRM plan includes SSO, turn it on — the setup is usually a one-time integration with your identity provider, and it removes an entire category of access risk with no ongoing effort. If your current plan does not include it, treat it as a factor the next time you evaluate CRM costs, alongside the other security and access controls a growing team needs.
Keep reading
Basics · Explainers
What is a CRM data model, and how is customer data structured inside one?
What is a CRM data model and how is customer data structured inside one? The core objects, how they relate, and why the structure matters.
Basics · Explainers
What is the difference between a CRM and a spreadsheet?
What is the difference between a CRM and a spreadsheet? When a spreadsheet is enough, where it breaks down, and the signs it is time to switch.
Basics · Explainers
What is a custom field in a CRM, and when should you create one?
What is a custom field in a CRM and when should you create one? How custom fields work, the common types, and how to avoid cluttering your records.
Basics · Explainers
What is contact segmentation in CRM?
What is contact segmentation in CRM? How it works, which attributes to segment on, and how segmentation connects to automation and reporting.