You can choose to enable OIDC or SAML 2.0 single sign-on (SSO) for your Snowplow Console, allowing users to login with their corporate credentials via a central Identity Provider.
We use just-in-time provisioning, allowing new users to log in without being added as a Console user beforehand.
Prerequisites
Before proceeding, ensure your Identity Provider (IdP) supports OIDC or SAML 2.0. Some common IdPs which we support are listed below.
Active Directory |
Auth0 |
Azure Active Directory |
Google Workspace |
Okta |
Enabling SSO
To enable SSO for your organisation:
- Login to the Snowplow Console
- Navigate to Manage organisation > Single Sign-on (SSO)
- Select an Identity provider from the select list
- Follow the on-screen instructions
Once SSO is enabled, users on your domain can no longer sign in with their old email address and password, or manage their personal details or password as these will all be managed within your Identity Provider.
Guides
We have a growing collection of step-by-step guides to take you through configuring SSO for specific IdPs. Check the list below if you need extra assistance.