Single Sign-On (SSO)
Overview
OpsWorker supports Single Sign-On for centralized authentication. Team members sign in with their existing corporate credentials.
Supported Providers
| Provider | Type | Setup |
|---|---|---|
| OAuth / Google Workspace | Google SSO Guide | |
| Azure AD (Microsoft Entra ID) | OIDC / SAML | Azure AD SSO Guide |
Benefits
- Centralized identity — Manage access through your identity provider
- MFA enforcement — Leverage your IdP's multi-factor authentication
- Automated provisioning — Users sign in with existing credentials
- Offboarding — Disable IdP account to revoke OpsWorker access
How It Works
- User clicks "Sign in with Google" or "Sign in with Microsoft" on the OpsWorker login page
- User is redirected to the identity provider for authentication
- After successful authentication, user is redirected back to OpsWorker
- If the user's email matches an invited user or an approved domain, access is granted
Next Steps
- Google SSO — Set up Google authentication
- Azure AD SSO — Set up Microsoft authentication