> ## Documentation Index
> Fetch the complete documentation index at: https://docs.truv.com/llms.txt
> Use this file to discover all available pages before exploring further.

# SSO Configuration

> Set up single sign-on with SAML 2.0, OIDC, or Azure AD

Truv supports single sign-on (SSO) so your team can authenticate to the [Dashboard](/developers/dashboard) through your organization's identity provider. Once enabled, users sign in with their corporate credentials instead of a separate Truv password. SSO works with [multi-tenancy](/developers/multi-tenancy) setups. Users authenticate once and access all assigned companies.

***

## Supported protocols

<CardGroup cols={2}>
  <Card title="SAML 2.0" icon="shield-halved">
    HTTP Redirect binding (SP → IdP) and HTTP POST binding (IdP → SP)
  </Card>

  <Card title="OpenID Connect" icon="lock">
    Requires Issuer URL and Client ID. Client Secret is optional.
  </Card>

  <Card title="Azure AD" icon="microsoft">
    Requires Azure AD Domain, Client ID, and Client Secret.
  </Card>
</CardGroup>

***

## Supported identity providers

* Okta
* Azure Active Directory
* Google Workspace
* Ping Identity
* Auth0
* Custom SAML providers

***

## Benefits

<CardGroup cols={2}>
  <Card title="Centralized Identity" icon="users">
    Manage all Dashboard access through your existing identity provider.
  </Card>

  <Card title="Auto-Deprovisioning" icon="user-minus">
    When a user's account is deactivated at the IdP, they immediately lose Dashboard access.
  </Card>

  <Card title="MFA Enforcement" icon="shield-check">
    Enforce multi-factor authentication and conditional access policies at the IdP level.
  </Card>

  <Card title="Audit Logging" icon="clipboard-list">
    Comprehensive audit trail of all SSO authentication events for compliance.
  </Card>
</CardGroup>

***

## Set up SSO

<Steps>
  <Step title="Request SSO enablement">
    Contact your Technical Account Manager (TAM) to request SSO setup for your organization.
  </Step>

  <Step title="Configure your identity provider">
    Truv generates a secure self-service configuration link for your IT team to set up the connection in your IdP.
  </Step>

  <Step title="Notify Truv">
    Let your TAM know when the IdP configuration is complete so Truv can validate the connection.
  </Step>

  <Step title="Validation & activation">
    Truv activates SSO organization-wide. Production clients validate via a call; onboarding clients validate via email.
  </Step>
</Steps>

<Note>
  Once SSO is activated, all team members authenticate through your IdP. Any MFA or conditional access policies you've configured apply automatically.
</Note>

***

## User experience

After SSO is enabled:

1. Users navigate to the Dashboard login page
2. They enter their work email address
3. They're redirected to your identity provider for authentication
4. After successful authentication, they're returned to the Dashboard with full access based on their [assigned role](/developers/dashboard#team-roles-and-permissions)

***

## Next steps

<CardGroup cols={2}>
  <Card title="Security & Compliance" icon="shield-check" href="/api-reference/security">
    Data protection, encryption, and compliance certifications
  </Card>

  <Card title="Dashboard" icon="browser" href="/developers/dashboard">
    Navigate the Dashboard interface
  </Card>

  <Card title="Authentication" icon="key" href="/api-reference/authentication">
    API credentials and access management
  </Card>
</CardGroup>
