Single Sign-On (SSO) allows team members to log into multiple apps with a single entry of login credentials. It also gives company admins better control over user access. Implementing SSO enhances security while providing convenient login experience.
The SSO authentication process involves an Identity Provider — a third-party service that identifies the user and provides authentication services to apps.
Before you start
SSO is available on Pro and Prime plans
In Stripo, SSO is enabled for your entire Workspace. The workspace is where your projects are stored and where you invite your team members to.
Stripo supports the Open ID Connect (OIDC) protocol for SSO integrations
Ensure your Identity Provider supports the OIDC protocol. Any IdP provider that supports the OIDC should work. We have successfully tested the following popular providers: OKTA, OneLogin, Auth0 and Microsoft Entra ID (formerly Azure AD).
Email addresses of the members' Stripo accounts must match with the emails of their IdP accounts.
Steps to Enable SSO in Stripo
Activate SSO: Enable SSO for your workspace by following the instructions in the "SSO Configuration" section;
Members opt-In: Once SSO is activated, all team members need to opt in to the organization's SSO. For details, refer to the section "Team Members Opt-In" going next;
Team Members Opt-In
When SSO is activated, all invited members will:
Be able to access only your Workspace;
Be required to log in exclusively through SSO.
After the SSO activation, all Workspace members (except the owner and the person who activated SSO) must confirm their participation in the Workspace:
Confirmation: Logged-in members will see a pop-up window prompting them to either confirm their participation in the workspace, or decline it and leave the workspace.
Another way to confirm the participation is to go to "Settings > Workspace > SSO" where they will find the same confirmation form instead of the SSO settings.
Delayed Confirmation: Members can close the pop-up if they need more time to decide. They can later go back to the "Settings" section to confirm it there.
Re-login via SSO: Once members confirm the participation, they will need to re-login via the dedicated SSO Login page:
The ability to delay the confirmation is for members who happen to work in multiple Workspaces (e.g., have freelance projects in the personal workspace). They can complete their tasks in other workspaces before confirming participation in your Workspace.
If you invite someone who does not have an existing Stripo account, they must log in directly through SSO without any additional confirmation
Configuring SSO
To configure SSO, you must have the Admin role with full access to all projects in the workspace, or have the Owner role
Before configuring SSO, ensure that the email address associated with your Stripo account matches the email address of your Identity Provider (IdP) account
Follow the steps below to activate SSO:
Open the Stripo Settings: In your Stripo workspace, navigate to “Settings” → “Workspace” → “SSO“;
Create an IdP application: Set up a new OpenID Connect (OIDC) application in your IdP provider. We've prepared guides for some popular providers (links below):
Add credentials and test them: Once the application is created, add its credentials in Stripo. Use the "Test Connection" button to perform a test authentication;
Activate SSO and let your team know: all the team members shall follow the instructions in the "Team Members Opt-In" section of this article to confirm their access.
Success! Now, all the team members can log in to their Stripo accounts using your IdP provider
Thank you for taking the time to read our articles. We hope you will find this information helpful.
If you have any additional questions, please email us at support@stripo.email.
We would be glad to talk with you.