This article describes a feature or service available to Snowplow BDP customers.
You can choose to enable OIDC or SAML 2.0 single sign-on (SSO) for your Snowplow Console, allowing users to login with their corporate credentials via a central Identity Provider.
We use just-in-time provisioning, allowing new users to log in without being added as a Console user beforehand.
Prerequisites
Before proceeding, ensure your Identity Provider (IdP) supports OIDC or SAML 2.0. Some common IdPs which we support are listed below.
- Auth0
- Azure Active Directory
- Google Workspace
- Okta
Enabling SSO
To enable SSO for your organisation:
- Login to the Snowplow Console
- Navigate to Manage organisation > Single Sign-on (SSO)
- Select an Identity provider from the select list
- Follow the on-screen instructions
Once SSO is enabled, users on your domain can no longer sign in with their old email address and password, or manage their personal details or password as these will all be managed within your Identity Provider.