...
Tidepool supports enterprises or organizations that may wish to manage credentials and security settings (e.g. password complexity, expiration, ip address restrictions) within their own infrastructure to fulfill compliance needs and local requirements, leverage existing identity stores and policies within the organization.
...
After Tidepool applies an SSO configuration for an email domain, recognized log-in attempts will redirect the user to sign in with their Clinic credentials, so long as the user was added to the appropriate AD group(s), they will authenticate appropriately and successfully access Tidepool.
Note: There is a user invite process within the Tidepool application that assigns either Clinic Member or Clinic Admin permissions, managed by someone with Clinic Admin permissions in the application.
...
Tidepool has implemented Keycloak, an Open Source identity broker supported by Red Hatand deployed and managed by Tidepool in Tidepool’s AWS cloud to integrate enterprise login services.
...