Overview
Single Sign-On (SSO) enables users to access Enterpret using your organization's existing identity credentials. Enterpret supports both OpenID Connect (OIDC) and SAML 2.0 protocols, making it compatible with most identity providers.
This guide covers everything you need to set up and manage SSO for your Enterpret workspace.
Prerequisites
Administrator access to both Enterpret and your identity provider
Authority to create applications in your identity provider
Email addresses in Enterpret that match your identity provider records
SSO Configuration Process
The setup involves two main parts:
Configure your identity provider
Configure Enterpret with your provider's details
Step 1: Configure Your Identity Provider
Common Configuration Values
Use these Enterpret-specific values when setting up your identity provider:
Setting | Value for SAML | Value for OIDC |
Entity ID / Audience URI |
| N/A |
Reply URL / ACS URL |
| N/A |
Sign-in Redirect URI | n/a |
|
Required Claims/Attributes | Email (mapped to user email) | Email (mapped to user email) |
Provider-Specific Instructions
For detailed, step-by-step instructions for your specific provider:
When configuring your identity provider, you'll need to capture specific values to use in Enterpret:
For OIDC: Client ID, Client Secret, and Issuer URL
For SAML: Metadata URL
Step 2: Configure Enterpret
Click your organization logo in the bottom left corner
Select Workspace Settings
Navigate to SSO Settings
Click the Configure button
Select your identity provider type (OIDC or SAML)
Enter the values you obtained from your identity provider:
For OIDC: Client ID, Client Secret, and Issuer URL
For SAML: Metadata URL
Click Submit
IDP-Initiated SSO Configuration
To allow users to access Enterpret directly from your SSO portal:
Find the RelayState Parameter in Enterpret:
Go to Workspace Settings > SSO Settings
Copy the RelayState value shown
Add this value to your identity provider's configuration:
For Okta: Enter as "Default RelayState" in SAML settings
For Azure: Enter as "Default RelayState" in application settings
Paste this RelayState in your SSO settings to let users access Enterpret directly from your portal.
Testing Your Configuration
Before enforcing SSO, verify that it works correctly:
Log out of Enterpret
On the login page, click the SSO option
You should be redirected to your identity provider
After successful authentication, you should return to Enterpret
Advanced SSO Features
Enforcing SSO
Make SSO mandatory for all users in your organization:
Go to Workspace Settings > SSO Settings
Toggle Enforce SSO to on
Confirm your choice
Important: Test your SSO configuration thoroughly before enforcing it to avoid being locked out of your account.
User De-provisioning
Automatically remove access when users are deactivated in your identity provider.
Currently supported for:
For other providers, please contact Enterpret support.
SCIM Provisioning
For automatic user provisioning and management:
Troubleshooting
If you encounter issues with your SSO setup:
Verify email addresses match between systems
Check that all configuration values are entered correctly
Ensure users are assigned to the Enterpret application in your identity provider
Confirm proper attribute/claim mapping for email addresses
Need Help?
If you encounter issues not covered in this guide, please contact the Enterpret team. We're happy to help you configure SSO for your organization.