Skip to main content

Enabling Single Sign On (SSO)

Updated over 2 months ago

This guide explains how Super Admins can configure Single Sign-On (SSO), test the connection, and manage user provisioning.

Accessing SSO Settings

Only Super Admins can access and configure SSO settings.

  1. Open Settings in the app.

  2. In the Settings modal, select the SSO Settings tab.

Creating an SSO Connection

  1. In SSO Settings, generate the setup link.

  2. You will be redirected to Auth0 to complete the configuration.

  3. Select your SSO provider (for example, Azure AD).

  4. Follow the on-screen instructions:

    1. Configure settings in your identity provider

    2. Copy required values into Auth0

  5. Create the SSO connection.

Adding Users and Testing the Connection

After creating the connection:

  1. Follow the next steps to add users.

  2. Use Test Connection to verify setup.

  3. A successful test confirms that authentication works and user details are returned correctly from your SSO provider.

Click Done to continue.

Optional: Multiple Email Domains

If your organization uses multiple email domains:

  1. Add additional domains in the SSO configuration.

  2. Each domain must be verified. Domain verification requires DNS changes on your side

This step is optional and can be skipped if not needed.

Enabling the SSO Connection

  1. Enable the connection.

  2. Close the SSO setup tab.

  3. Return to the app to confirm:

    • The enabled domain is listed

    • Account information was successfully synced

Logging In with SSO

Once enabled:

  • Users logging in with an SSO-enabled email will be redirected to their identity provider

  • Password entry is skipped

  • Users are automatically logged into the app after successful authentication

Just-In-Time (JIT) User Provisioning

Just-In-Time provisioning automatically creates user accounts on first login.

  • Disabled:

    • Users must already exist in the app

    • New users will see an error on login

  • Enabled:

    • Users authenticated via SSO are automatically created

    • No manual user creation required

Role Assignment

When a user is provisioned:

  • They are assigned the role selected in the SSO settings

    • User

    • Admin

    • Super Admin

Updating or Removing an SSO Configuration

Admins can manage SSO at any time:

  • Update SSO configuration details

  • Add or verify additional domains

  • Delete the SSO connection if it’s no longer needed

All actions are available directly within SSO Settings.

Troubleshooting Tips

  • Always run Test Connection after changes

  • Verify DNS records if adding new domains

  • Ensure role settings are correct before enabling JIT provisioning

Related Articles
User Management
Quick Start Guide
Groups and Tags
Did this answer your question?