# Zuplo Single Sign On
Zuplo Single Sign On (SSO) is a feature that allows you to authenticate users
using a third-party identity provider.
Zuplo uses Auth0 to manage enterprise SSO, so we can support essentially any
Identity Provider. Common options are Azure AD, Okta, Google Workspace, etc.
## Configuring your Identity Provider
### Setup
If you have purchased the optional Enterprise SSO add-on, you can configured SSO
with your identity provider through the [Zuplo portal](https://portal.zuplo.com)
by following the steps below.
1. Navigate to the Account Settings section in the Zuplo portal.
1. Open the "Security" tab.
1. In the section labeled "Single Sign On (SSO)", click the "Setup Single
Sign-On" button.
1. This will open a new window hosted by Auth0 that allows you to configure SSO
for your organization.
1. Follow the instructions in the Auth0 window to configure SSO with your
identity provider and domain (for example yourcompany.com).
1. Be sure to click "Enable Connection" in the Auth0 window to activate SSO for
your organization.
1. Once SSO is enabled, users can log in to Zuplo using your identity provider.
### Edit Single Sign On
If you need to edit your SSO configuration after the initial setup, you can do
so by clicking the "Edit Connection" button in the "Single Sign On (SSO)"
section of the Security tab in Account Settings.
This will open the Auth0 configuration window where you can make changes to your
connection settings. This is useful if you need to rotate certificates or client
secrets or if you need to add or remove domains.
### Disable Single Sign On
If you need to disable SSO completely, contact Zuplo support for assistance.
## Single Sign On Settings
If you have configured Single Sign On for your organization, you can customize
how users login to your account.
### Require Enterprise SSO
:::tip
It's highly recommended to enable this setting to ensure all users are
authenticating through your enterprise identity provider.
:::
Require all account members authenticate with the configured enterprise identity
provider. When enabled, users will be prevented from logging in with Google,
GitHub, or passwords.
### Automatically add SSO-enabled users
When enabled, any user who authenticates with the configured enterprise identity
provider will automatically be added to this account. Use this setting if you
want to control access to Zuplo through your identity provider.
When disabled, users will need to be invited to the account by an existing user.
If you have role-based access control enabled, new users will be added to the
account as a Member. You can change their role after they have been added. If
role-based access control isn't enabled, new users will be added as an Admin.
## Frequently Asked Questions
### What SSO Providers does Zuplo Support?
Zuplo uses Auth0 to manage enterprise SSO, so we can support essentially any SSO
provider required. Common options are Azure AD, Okta, Google Workspace, etc.
### What happens when SSO is enabled for my organization?
When SSO is enabled, you'll use your organization's identity provider (like Okta
or Azure AD) to log into Zuplo. This provides enhanced security and streamlines
access management for your team.
If you previously had a Zuplo account with the same email address, your SSO
login will be treated as the primary method going forward.
### Will I have access to my existing projects after SSO is enabled?
Yes! When you log in with SSO using the same email address as your previous
account, you'll automatically have access to all the projects and roles from
your existing Zuplo accounts. The system will seamlessly connect your SSO
identity with your previous access permissions.
### How should I log into Zuplo once SSO is enabled?
Always use the standard Zuplo login page at https://portal.zuplo.com - the
system will automatically redirect you to your organization's SSO provider. This
ensures you're using the secure, organization-approved authentication method.
:::note{title="Legacy Account Access"}
If you need to access a previous account for administrative purposes during the
transition period, contact Zuplo support for assistance.
:::