Help Center / Settings and administration /
SSO (single sign-on)
Single sign-on lets team members and clients log in through your identity provider instead of a separate email and password. Authentication runs through Auth0, so credentials are managed centrally.
How it works
SSO connects your workspace to an Auth0 application. When someone signs in, they are redirected to your Auth0 login screen, authenticate there, and are sent back to your workspace automatically. Any identity provider you have connected to Auth0 (Azure AD, Okta, Google Workspace, OneLogin, or others) works through this flow.
Setting up SSO
- Go to Settings > Integrations and scroll to the Single Sign-On section.
- Enter your Auth0 Domain (for example,
yourcompany.auth0.com). - Enter your Auth0 Client Key (the client ID from your Auth0 application).
- Click Connect.
Once connected, a confirmation message appears: "SSO is now enabled for your workspace. Users can sign in with their Auth0 credentials instead of creating separate accounts."
SSO is a paid add-on. If the add-on is not active on your plan, the Connect button will be unavailable.
What changes when SSO is active
The login page redirects to your Auth0 authentication screen. Team members and clients authenticate there and are redirected back to your workspace. Password management, multi-factor authentication, and session policies all follow whatever rules you have configured in Auth0.
Existing team members transition to SSO on their next login. The person's email address is matched against your Auth0 records, so the switch is automatic for anyone whose email matches.
Disconnecting SSO
To remove the SSO connection, go to Settings > Integrations, scroll to the Single Sign-On section, and click Disconnect. Team members and clients will need to sign in with their email and password after SSO is removed.
