SSO setup

Master the setup of Single Sign-On (SSO) for your domain with CustomGPT.ai through various identity providers. This comprehensive guide provides detailed, step-by-step instructions to ensure a smooth and efficient integration process.

Suggest Edits

Step 1: Sign In

Sign in

Step 2: Access Your Profile

Click on your user icon located at the top right corner of the dashboard, and then select My Profile from the dropdown menu.

My profile

Step 3: Navigate to Single Sign On

Locate and click the Single Sign On (SSO) tab available in the top menu bar of your profile.

Single Sign On tab

Step 4: Add your domain

a) Under the "Add Your Domain" section, enter the domain for which you wish to activate SSO.

Add your domain

b) Follow the provided instructions to update your DNS records via your DNS provider's website.

Instruction To update DNS Records

Domain verification status will update automatically to "Verified" once the DNS settings have propagated, which typically takes between 15 to 20 minutes. However, it may take up to 72 hours in extreme cases.

If status doesn’t change to “verified” after 72 hours, please contact our support.

Verified Domain

Step 5: Set up your Identity Provider

Follow the guide to make necessary configurations on your Identity Provider’s website. Set up your Identity Provider by following the relevant guide:

During setup, you will need to provide your ACS URL and Entity ID, which are accessible on the page.

ACS URL & Entity ID

Step 6: Set up SAML Integration

Complete the SAML integration by providing details from your Identity Provider which can be:

a) Imported via URL


b) Imported via XML

Imported via XML

c) Entered manually

Enter manually

Step 7: Configure Advanced Settings

Once your domain is verified and SAML is configured, you can access the "Advanced Settings" to customize your SSO setup:


a) Email Authentication Options:

Capture company emails - Choose how we should authorize company emails. Available options are:

  1. Allow login only using SSO - your team members will be able to login only via SSO route
  2. Allow login via SSO and email/password keypair - your team members will be able to login both via SSO and via traditional email & password route
Email Authentication Options

b) User Role Configuration:

Choose a role for new members based on the Roles set up in your Team Settings page.


c) SCIM Integration:

Enable SCIM integration. Once enabled, SCIM will automatically synchronize with your Identity Provider. Available options are:

  1. SCIM integration disabled.
  2. SCIM integration enabled: User data in CustomGPT.ai will automatically update when changes are made in your Identity Provider and create/update/delete settings should be configured on your Identity Provider.
SCIM integration

d) Email Deletion Handling:

  1. Projects will be Deleted with the user
  2. Projects will be transferred to your account - this action can impact your storage credits
Email Deletion Handling

👍

Congratulations! You have successfully configured Single Sign-On for your platform.

Updated about 1 month ago