Authentication FAQs

Enable any trusted systems that your company uses for authentication. We support Salesforce and your Office suite (Google Workspace or Office 365), SSO systems that support SAML, and Okta OpenID Connect.

It’s up to you. If you have sign-in policies that you need to enforce in your organization, you can require users to sign in using the systems that enforce those policies (such as SAML), and do not need to keep Gong username & password enabled.

We support the SAML protocol, and test it with Okta, Rippling, and OneLogin.

You can find the set up instructions here.

When you select Google, Microsoft, or Salesforce on this page and save your changes, people can log in to Gong using their work Google, Microsoft, or Salesforce credentials. No further set up required!

Yes, Gong fully supports SSO with Azure AD. Click here for further details.

Your password should be 12 characters or more. It can be any combination of letters, numbers, and symbols (ASCII-standard characters only), and must include at least 3 of the following:

• 1 uppercase character

• 1 lowercase character

• 1 digit

• 1 special character

When an account gets automatically logged out depends on the authentication method you select for your team members.

If the user logged in with their username and password, or via SAML authentication, the default session timeout is 30 minutes. This can be customized for SAML SSO providers.

If the user logged in via one of the common identity providers such as Google, Microsoft, Salesforce, or via OKTA Open ID connect, the identity provider controls the session timeout policy. In this case, we automatically renew the session every 30 minutes until the token is no longer valid.

Users who have five failed login attempts are locked out of their accounts for 60 minutes.