Integration · Analytics & data

Heap Single Sign-On with Monosign

Monofor's integration with Heap allows you to authenticate Heap users using Monofor.

Put Heap behind your identity plane: one login, MFA enforced, access granted and revoked automatically with the joiner-mover-leaver lifecycle — and every authentication logged, tamper-evident.

Supported protocols:Browser ext.SAML 2.0
Spin up a full trial tenant in five minutes and connect Heap today — no credit card, no sales call.
Setup

Heap to production in three steps.

A dedicated Heap article is on its way. The generic setup guides in our help center cover the same flow, and the in-console template does most of the work. Browse the help center

  1. 01
    Add Heap in Monosign

    Pick the Heap template from the application catalog in the Monosign console. The SAML configuration — metadata, certificates, endpoints — is generated for you.

  2. 02
    Establish trust on the Heap side

    Paste the metadata/client details Monosign generated into the Heap admin panel. The help-center article shows every field.

  3. 03
    Test, then roll out

    Sign in end-to-end with a test user, then govern access with Monosign groups and policies. Every login is MFA-enforced and logged.

Trusted by enterprises worldwide

50M+

identities secured

7,000+

enterprise integrations

40+

countries

Ziraat Bankası
IGA Istanbul Airport
McDonald's
Saudi Telecom Company
Odeabank
Godiva
United Biscuits
Fenerbahçe Sports Club
FAQ

Common questions.

Which protocols does Monosign support for Heap?
This integration works over Browser ext. / SAML 2.0. Monosign also supports SAML 2.0, OIDC/OAuth 2.0, SCIM, LDAP, RADIUS, and Kerberos platform-wide — so the rest of your stack connects to the same identity plane alongside Heap.
Can I enforce MFA on Heap logins?
Yes. Once Heap is behind Monosign, every login passes your MFA policy — TOTP, push, or phishing-resistant passkeys (FIDO2) — with adaptive step-up when risk signals change.
How long does setup take?
For most teams, connecting Heap takes under an hour: the template is pre-built and the steps are documented. You can test it in a free trial tenant without touching production.
Is Heap access revoked automatically when someone leaves?
Yes. Joiner-mover-leaver lifecycle grants Heap access by role and revokes it the day someone leaves — no stale accounts, and the audit trail is ready for review.

Ready to start managing
identities the right way?

Spin up a fully-loaded trial tenant in under five minutes. No credit card. No sales gate.