Tenant SSO settings

The SSO Configuration page allows you to add and manage identity providers (IdPs) for a client. This allows users to log in to the platform using their existing credentials from an external IdP. This simplifies the login process and enhances security by leveraging centralized authentication.

Currently, the platform supports OpenID Connect v1.0 and SAML v2.0 for SSO as IdPs.

In the SSO Configuration screen, you can configure the Tenant SSO Settings.

Note: The options available in the Tenant SSO Settings screen may vary depending on your license entitlements.

Tenant configuration

In the Tenant Configuration section, you can click Edit to modify the following options:

Allow local login: Enable users to log in using their local credentials.
Users require invitation: This is enabled by default and can’t be disabled at present.
Allow automatic registration: Enable users to be automatically registered in the system when they log in through SSO.
Custom Properties: You can click Add to specify one or more Name and Value pairs. Custom properties are additional attributes that can be included in the SSO authentication process. These properties can be used to store extra information about the user or to customize the authentication experience.

Notes:

Currently, all SSO users require invitation to access the platform.
By default, the Allow local login, Allow automatic registration, and Users require invitation settings are all enabled.

Identity providers

You can add a new SSO provider by clicking + Provider. For further details on adding a new Identity Provider (IdP), refer to the relevant sub-section.

The IDP list table displays a list of the existing SSO providers.

You can click the three dots icon to perform the following actions:

Edit
Disable
Set as default: The default SSO provider has the Role set to Default in the IDP list table. The default provider is highlighted with a solid background color on the login screen if multiple SSO providers are configured.
Delete