Managing local authentication

ThoughtSpot has robust local authentication, and integrates with SAML.

Local authentication is enabled by default in your ThoughtSpot Cloud environment. This means that any local user you create can sign in to ThoughtSpot with the specific ThoughtSpot credentials you set up for them when creating the user.

If you disable local authentication, no local user can sign in to ThoughtSpot.

You can enable or disable local authentication from the Admin Console.

Navigate to the Admin Console by selecting the Admin tab from the top navigation bar. Select Local from the side navigation bar that appears.

If your organization uses multi-tenancy with Orgs, ensure that you are in the Org that you want to configure, in the All orgs section of the Admin Console.

Admin Console - Local

Select the Edit button in the top middle of the screen.

Edit local authentication

Choose Enable or Disable, and select OK.

Select enable or disable

Note that you cannot disable local authentication until you configure SAML authentication.

SAML and Local authentication at the Org level Beta

If your organization uses multi-tenancy with Orgs with SAML using IAMv2, ThoughtSpot allows customers to enable or disable local authentication at the Org and cluster levels.

To enable local authentication at the Org level, contact ThoughtSpot Support. Org level settings override cluster level settings.

To disable local authentication on a cluster or Org, at least one SAML or OIDC connection must be active. The Local tab is found under Authentication in the Admin portal. It is only present in Orgs with the SAML/SSO tab under Authentication. If only one active SSO connection is configured, and local authentication is disabled, you can’t delete the SSO connection because users will have no way to log in to the application.

By default, local authentication is enabled for new Orgs. Local authentication is also visible in the All Orgs section. With per-Org URLs configured, disabling local authentication only disables it for the specific Org’s URL.

Related information