How to set up Single Sign-On

In order to enable the Single Sign-On (SSO) feature, your Organization must have an active Extended Data Storage plan. For additional information regarding the available plans, please refer to our Extended Data Storage article. These instructions apply exclusively to Organizations with an active plan.

Requisites

Only OpenID Connect Identity Providers supporting the Authorization Code grant type and the openid, email and profile scopes will work. If you have an Identity Provider that supports the OpenID Connect protocol (OIDC), then you can use it to log into Studio with your own account.

Activation Process

If your Identity Provider supports the requisites and you would like to use it to log into Studio, please contact support and provide the following information:

    • The OpenID Connect Client ID.
    • The OpenID Connect Client Secret.
    • The OpenID Connect Issuer (typically a URL).
    • Whether you want to enforce authentication via your Identity Provider or not.

After our support team receives this information, we will configure Studio accordingly and provide you with the information you will need to configure your Identity Provider.

If you enforce authentication via your Identity Provider (recommended), you won't be able to access Studio with your existing accounts if your Identity Provider stops working, but you will have better control over authentication and access control to Studio.

Please don't share secrets or keys with anyone over email.

You can share the client secret with us by pasting it into this page, selecting one week for its maximum lifespan, and encrypting it. Copy the resulting One-click URL and share that with us.