Single Sign-On (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials.

Bytebase supports the following standard protocols that provide SSO:

Prerequisites

Configure External URL.

Create SSO provider

As a Workspace Admin, you can create a SSO provider following the steps below:

  1. In Workspace, go to IAM & Admin -> SSO from left side bar.

  2. Click Create to start creating SSO.

  3. Fill in all the required fields.

  4. Test Connection on bottom left.

  5. If successfully connected, click Update on bottom right.

Sign in with SSO

Bytebase employs JIT (Just-In-Time) user provisioning. It will create the user the first time the user signs in.

Once a valid SSO has been created, you can choose to sign in with the configured SSO provider.

Enforce SSO Sign-in

As Workspace Admin, you can enforce SSO sign-in for all users in Workspace.

In Workspace, go to Settings > General, scroll down to Account section and switch on Disallow signin with email & password. Then users can only sign in with SSO.

Afterwards, when the user tries to sign in, the only option is to sign in with the configured SSO provider.

In case of emergency, the admin can log in by navigating to <YOUR_URL>/auth/admin and entering the email and password.