In this article, you’ll learn how to configure PrismHR so employees can open Connecteam seamlessly via Single Sign‑On (SSO).
Before You Start
Make sure you have everything ready before diving in:
PrismHR payroll integration is active – SSO builds on the secure data link created during payroll setup.
How to integration with PrismHrWeb Service User with the endpoint
SignOnService.validateTssoToken
enabled – this endpoint validates the secure token PrismHR sends to Connecteam (see Omer Vered’s payroll-integration guide if you still need to configure it).Matching email addresses for each user in PrismHR and Connecteam – Connecteam matches users by email. If they don’t match, the employee will be redirected to the regular Connecteam login page instead of being auto‑logged in.
Tip: Keep PrismHR and Connecteam open in separate browser tabs—you’ll switch between them during setup.
Step 1 – Create the SSO Service in PrismHR
In PrismHR, go to System Parameters.
Click Actions › SSO Services.
Select Add New Service and fill in:
Service ID – any unique value (e.g.,
CTM_SSO
).Description – something recognisable (e.g., Connecteam SSO).
Type – External.
Service Destination – Outbound.
Service URL –
https://app.connecteam.com/api/Login/Sso/PrismHR/Redirect/
This URL routes users from PrismHR to Connecteam and passes the secure token.
Click Save.
Step 2 – Create a Custom Process for the PEO
Still in System Parameters, click Actions › Custom Process.
Select Add New Process and complete:
Process ID and Name – your choice (e.g.,
CTM_LAUNCH
).Category / Sub‑Category – choose where the item will appear in PrismHR.
Check Display in Menus and Display in Search so your staff can find it.
SSO Forms → SSO Service – pick the service you created in Step 1.
SSO Action – Tandem SSO.
Check External App.
Click Save.
Troubleshooting: If the new process doesn’t show up immediately, clear your browser cookies and refresh PrismHR. In most cases this forces PrismHR to pull the latest configuration.
Step 3 – Add the SSO Link to the Employee Portal Menu
Go to Configuration Templates.
Choose the template used by the employees who need Connecteam access (often the Default template).
Click Edit → open the Menu tab.
Click New Top‑Level Menu, then Edit to configure it:
Title – what users will see (e.g., Connecteam).Component – select Single Sign‑On.
SSO Service – pick the service you created earlier.
Launch in new tab – Enabled (highly recommended for best UX).
Menu Visibility – choose Employee or Employee & Manager.
⚠️ Known issue: Manager view currently has a display bug—choose Employee‑only if managers don’t need access.Select an icon, then Save.
Save the configuration template.
Step 4 – Test the Connection
Log in to PrismHR as an employee who should have Connecteam access.
Click the new Connecteam menu item.
Confirm that Connecteam opens in a new tab without asking for credentials.
Repeat the test with at least one additional employee to verify permissions.
If everything works, you’re done! 🎉
Common Issues & Fixes
Symptom | Likely Cause | Quick Fix |
User is redirected to Connecteam login page | Email address mismatch between PrismHR and Connecteam | Ensure the employee’s email is identical in both systems, then retry. |
Users see a blank page after clicking Connecteam | Service URL typo | Double-check the URL in Step 1. |
"Invalid token" error in Connecteam | Web Service User missing | Confirm the endpoint is enabled and the user has permission. |
Menu item not visible | Template cache | Clear cookies or log out/in again. |
Need help? Contact our Support team through the in‑app chat—24/7 and happy to help.