Single Sign-On (SSO)¶
Ogadu supports SAML 2.0 Single Sign-On, allowing your team members to sign in using their company identity provider (IdP) instead of managing separate passwords.
Supported Identity Providers¶
| Provider | Protocol | Status |
|---|---|---|
| Okta | SAML 2.0 |  Supported |
| Azure AD / Entra ID | SAML 2.0 | Supported |
| Google Workspace | SAML 2.0 | Supported |
| OneLogin | SAML 2.0 | Supported |
| Any SAML 2.0 IdP | SAML 2.0 | Supported |
Supported Features¶
| Feature | Supported |
|---|---|
| SP-initiated SSO | Yes |
| IdP-initiated SSO | Yes |
| Just-In-Time (JIT) provisioning | Yes |
| Enforce SSO (block password login) | Yes |
| SP-initiated Single Logout (SLO) |  Not yet |
| SCIM provisioning | Planned |
How It Works¶
-
Your identity provider authenticates the user — When a team member signs in, they're redirected to your company's IdP (e.g., Okta) where they authenticate with their corporate credentials.
-
Ogadu receives a SAML assertion — After successful authentication, your IdP sends a signed SAML response to Ogadu confirming the user's identity.
-
Ogadu creates or finds the user account — If this is the user's first time signing in via SSO, Ogadu automatically creates their account (Just-In-Time provisioning) and adds them to your organization. Returning users are signed in immediately.
-
The user is signed in — No separate password needed. The user lands on their Ogadu dashboard ready to work.
Who Can Configure SSO?¶
SSO is configured per organization. Organization admins can set up and manage SSO settings from their organization's settings page.
Getting Started¶
Choose your identity provider for step-by-step setup instructions:
Using a different IdP?
Ogadu works with any SAML 2.0 compliant identity provider. The general setup process is the same — you'll need your IdP's Entity ID, SSO URL, and X.509 certificate. Use the Okta guide as a reference for the Ogadu side of the configuration.