What is SugarIdentity? & How does it Work?

With Sugar’s continuous Cloud Innovation it can be difficult keeping up to date with the regular new releases and feature enhancements.

In this post, we help clear up any confusion and bring you up to speed with SugarIdentity, what it is and how it works.

You may have seen us touch on SugarIdentity in previous posts, this post is more of a layman’s terms overview – as opposed to a detailed explanation of each new Setting (Tenant Settings etc).

For a more detailed explanation on configuration settings of your SugarCRM instance please get in contact with us on the link below and we will be more than happy to assist!


What is SugarIdentity?


SugarIdentity is SugarCRM’s new cloud based User Identity Management Tool delivered in an all new interface.

SugarIdentity allows users to access all applications and services, and also manage user identities in their SugarCRM instance – supporting single sign-on for SugarCRM, Sugar Outlook Plugin and Sugar Mobile.

All services are managed through the Cloud Settings Console. This includes creating and managing user records, managing password requirements as well as more detailed configuration settings such as LDAP and the frequently requested SAML (Singe Sign On SSO) authentication for the MS Outlook Plugin.

SugarIdentity also supports the concept of Service Accounts which can be used to implement secure Server to Server integrations much easier without involving end user credentials.

Sugar’s aim is to create a central user authentication and access management point – with the view to improve Sugar Cloud User management overall.

No matter the flavour of Sugar you currently use, with SugarIdentity you are able to manage all end users in one place.

What settings are managed in SugarIdentity?

SugarIdentity is used to manage the following settings:

    • Tenant Settings
    • SCIM Settings
    • Editing Users
    • Deactivating Users
    • Authentication Management (LDAP & SAML)

Key Benefits

    • Federated Identity Solution Based on Industry Standards
    • Securely Manage User Identities
    • Manage User Password Requirements
    • Set Up LDAP or SAML Authentication
    • Access SugarCRM Applications & Services
    • Supports Comprehensive Single Sign-on for Sugar, Sugar Plug-in for Outlook & Sugar Mobile
    • Managed via the SugarCRM Cloud Settings Console

What Regions are supported?

The SugarIdentity service is supported in the following regions:

    • APAC
    • Canada
    • EU
    • Germany
    • North America

Determining if Your Instance Uses SugarIdentity

In order to access and use SugarIdentity in the Cloud Settings console the following prerequisites must be met:

    • You must be a Sugar administrator.
    • Your Sugar instance must be enabled for SugarIdentity use.

To check if your Sugar instance uses SugarIdentity

1 – Navigate to your user profile in Sugar and click “Edit”. If your instance is SugarIdentity-enabled, a pop-up message will appear stating that you (i.e. Sugar admin) need to access Cloud Settings to make changes to read-only fields (e.g. First Name, Last Name, Title). For regular users, the message will indicate to contact the Sugar administrator to make changes to read-only fields.

Accessing the Cloud Settings Console

Once your Sugar instance has been SugarIdentity-enabled, you will then be able to access the Cloud Settings console:

    • Admin > User Management > Select the Create New User option in the Users module tab’s actions menu
    • Admin > Password Management

Because you have an active Sugar session running, you will be authenticated automatically in the Cloud Settings console.

Alternatively, go directly to the Cloud Settings Console via the URL (You will need your login credentials to log in – Tenant ID & Password)

Feature Enhancements

(This list of feature enhancements will be updated monthly as new fixes for identified issues are released)

February 25, 2020

The following feature enhancements are included in this release of SugarIdentity:

  • Tenant validation improvements : Some changes have been made to improve tenant validation for the Cloud Settings console in preparation for the upcoming login service enhancements.

Known Issues

The following known issues are present in this release of SugarIdentity:

  • Logging into multiple SugarIdentity-enabled instances (e.g. production, sandboxes) in the same browser will result in an error for all but the first. As a workaround, additional instances can be accessed via a private browser window or separate browser.
  • Changing the email address for the admin user (user ID = 1) via the Cloud Settings console may not update the email address as expected in Sugar.
  • Logging out of the Sugar application does not properly alert the administrator of the session logout in the Cloud Settings console.
  • The Users list view cannot be sorted by field columns in the Cloud Settings console.

If you have any concerns regarding SugarIdentity or User Management in your Sugar and require any further information, please don’t hesitate to get in touch and we will be more than happy to assist you!