Enable brand-managed SSO for customer login across Reach-powered web and app experiences.
End-customer SSO lets customers log in to Reach-powered experiences using brand-managed credentials.
Reach delegates authentication to your Identity Provider (IdP). Reach does not store passwords.
Need SSO for Reach Central users? See SSO — Agents.
What it is: Brand-managed SSO for customer login.
What problem it addresses: Eliminates duplicate accounts and centralizes security policies.
Who it is intended for: Customers using Reach-powered web and app experiences.
Let customers reuse an existing brand login.
Reduce friction in checkout and self-care.
Centralize MFA and security policy under the brand.
What is included:
SSO integration for customer login across Reach-powered surfaces:
brand website
mobile web
mobile apps
checkout and self-care portals
Session creation and identity linkage.
What is excluded:
Agent SSO for Reach Central
Brand password reset and credential management.
Customer identity merges or migrations (handled case-by-case).
Which IdP will be used and who owns it.
Which identity fields will be used to match customers.
A small set of test customers for validation.
An approval owner for go-live.
For the standard request process, commercial notes, and support, see Bolt-ons catalog.
For the implementation-specific setup details, visit: SSO technical detailsarrow-up-right
Questions or clarification? Reach out to your respective account manager or email at [email protected]
Last updated 44 minutes ago