Single Sign-On
Overview
Single Sign-On (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials.
Bytebase supports the following standard protocols that provide SSO:
Once a valid SSO has been created, you can choose to sign in with the configured SSO provider.
Afterwards, when the user tries to sign in, the only option is to sign in with the configured SSO provider.
In case of emergency, the admin can log in by navigating to
Prerequisites
Configure External URL.Create SSO provider
As a Workspace Admin, you can create a SSO provider following the steps below:- In Workspace, go to IAM & Admin -> SSO from left side bar.
- Click Create to start creating SSO.
-
Fill in all the required fields.
- Test Connection on bottom left.
- If successfully connected, click Update on bottom right.
Sign in with SSO
Bytebase employs JIT (Just-In-Time) user provisioning. It will create the user the first time the user signs in.
Enforce SSO Sign-in
AsWorkspace Admin, you can enforce SSO sign-in for all users in Workspace.
In Workspace, go to Settings > General, scroll down to Account section and switch on Disallow signin with email & password. Then users can only sign in with SSO.
Afterwards, when the user tries to sign in, the only option is to sign in with the configured SSO provider.
In case of emergency, the admin can log in by navigating to <YOUR_URL>/auth/admin and entering the email and password.