Anaplan enables Enterprise customers to log in to the mobile app with SSO (Single Sign-on).
If the Anaplan app does not allow you to log in with SSO, ask your organization to make it an approved application.
Generally, you need to:
- receive the above approval from either your IT or Security departments.
- obtain access to the Anaplan resources detailed below.
Your organization could have an identity provider (IDP) that is externally or internally accessible.
| IDP | Mobile device needs to be able to |
| External | resolve the name of the IDP, and connect to the IDP. |
Internal | resolve the name of the IDP, and connect via VPN to the internal IDP, or connect to a physical WiFi network that allows access to the internal IDP. |
Unless the VPN connection is configured in this way, your 4G/3G mobile broadband connection will not work. This is because the device will be unable to resolve and connect to the internal IDP.
Connectivity requirements
The following connectivity is always required from the mobile device when the app is in use:
| Host | Required | Connection type | Port |
| sdp.anaplan.com | Always | https only | 443 |
| us1a.app.anaplan.com | Always | https and wss | 443 |
| us2a.app.anaplan.com | Always | https and wss | 443 |
| us1a-arcus.app.anaplan.com | Always | https and wss | 443 |
| us2a-arcus.app.anaplan.com | Always | https and wss | 443 |
| eu1a.app.anaplan.com | Only if company has model data in the EU | https and wss | 443 |
| eu2a.app.anaplan.com | Only if company has model data in the EU | https and wss | 443 |
| eu1a-arcus.app.anaplan.com | Only if company has model data in the EU | https and wss | 443 |
| eu2a-arcus.app.anaplan.com | Only if company has model data in the EU | https and wss | 443 |
If an in-line web proxy filters the connections (web filtering), then this proxy will also have to allow the mobile device to connect to the internal IDP. This is required to reach the Anaplan hosts.
This list may change or be updated in the future.