Single sign-on

Admin → Single sign-on is where you record your SAML 2.0 identity provider's configuration for the organisation — the IdP entity ID, the SSO URL, and the related metadata.

Configuration storage only

This is important and the page says so plainly: saving here stores the configuration, but the SAML sign-in handshake is not wired up yet. Sign-in continues through password, magic-link, and any OAuth providers your account already has. We're collecting the IdP metadata now so that when the SAML auth handler ships, turning it on for your organisation is a single deploy rather than a setup project.

So: filling this in does not change how anyone signs in today. It readies the organisation for SAML, nothing more. If you have an enterprise procurement timeline that depends on a working SAML login, the page points you to sales for an early-access conversation rather than implying it already works.

Visibility

This surface isn't shown to every organisation by default — it's enabled per organisation when there's a concrete need. If you can see it, it's been turned on for you.

Related: Users & invites · Organisation profile.