Configure single sign-on (SSO)

Dovetail offers multiple ways to login to a workspace using single sign-on (SSO).

Google and Microsoft

On the Team workspace you can instruct your users to authenticate to Dovetail in one click via OAuth 2.0 using their Google or Microsoft account. If they use OAuth 2.0 to create their account, they’ll never need to set a password with us to log in.

Managed identity provider

Customers on the Enterprise workspace can set up custom SSO integrations with their organization's identity provider via OpenID Connect.

You can configure an SSO integration with Auth0, Azure Active Directory, Okta, Google Cloud Identity or any other identity provider that supports OpenID Connect. Enterprise customers also have the ability to enforce SSO for all users in the workspace and disable all other login methods.

Set up guides

You can read the following set up guides for common identity providers:

• Configure Okta

• Configure Azure Active Directory

• Configure G Suite

You can read the guide to Configure OpenID Connectgenerally.

Just-in-time Provisioning

Dovetail supports just-in-time (JIT) provisioning for SSO when domain-restricted sign-up is enabled for your SSO domain. When domain-restricted sign-up is enabled, a user that tries to log in will automatically have a new user account created for them.