Dovetail offers multiple ways to log in to a workspace.
Google and Microsoft
On the Team workspace you can instruct your users to authenticate to Dovetail in one click via OAuth 2.0 using their Google or Microsoft account. If they use OAuth 2.0 to create their account, they’ll never need to set a password with us to log in.
Managed identity provider
Business and Enterprise only
This feature is only available on our business and enterprise plans. Business and enterprise workspaces come with additional features and support to meet your organization’s needs. Check out our pricing page for more information on business and enterprise.
You can configure an SSO integration with Auth0, Azure Active Directory, Okta, Google Cloud Identity or any other identity provider that supports OpenID Connect. Enterprise customers also have the ability to enforce SSO for all users in the workspace and disable other log in methods.
Read the following set up guides for common identity providers:
Just-in-time provisioning
Dovetail supports just-in-time (JIT) provisioning when domain-restricted sign up is enabled for your SSO domain. When domain-restricted sign-up is enabled, a user that tries to log in when they don’t have an account will automatically have a new viewer account created for them. If your identity provider supports custom JWT claims at a per-user level you can optionally override the default viewer role they are first granted on a per-product basis by providing the `default_dvtl_playback_role`, `default_dvtl_markup_role`, and `default_dvtl_backstage_role` keys with a values of either "MANAGER", "CONTRIBUTOR", "VIEWER", or "NO_ACCESS".