Single Sign-On (SSO) gives your members access to Slite through an identity provider like G-Suite, Okta, Azure AD, and more.
When you activate it, SSO becomes the only way your team members can sign in to Slite.
Enforced Google SSO
You can require all your team members to sign in via their Google account, preventing people with any other email domain from joining your workspace.
SSO with OpenID Connect for Okta, Azure, and More
You can use OpenID Connect to allow users to securely sign in to Slite through your identity provider.
OpenID Connect is an identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server.
Identity Providers Supported with OpenID Connect
Here is the list of identity providers supported with OpenID:
- Okta: How to Set Up Okta SSO
- Office 365 (Azure AD): How to Set Up Azure Active Directory SSO
- OneLogin ( more information )
- Keycloak (more information )
- ADFS (4.0, Server 2016) ( more information )
- Auth0 ( more information )
FAQ
How do I automatically assign Writer/Reader roles based on SSO groups?
If your organization has the Readers (Enterprise) role enabled as part of the Enterprise plan and uses SSO group provisioning, then you can automatically assign roles based on SSO groups. To do that:
Click your team logo in the top left and choose
Settings, then go to Workspace > User Groups.Click
Manage next to the name of a user group.Scroll down and toggle on
Enable synchronization in the Group provisioning section. List your provider group names.
Click the dropdown menu below
Assigned organization role and choose a role.Click
Update group.・If a user is part of multiple user groups, the role with most privileges will take over (i.e., Writer > Reader.)
・Admins will not be affected.