SSO

Integrate Prismic with your SSO provider.


SSO is only available on Enterprise plans. To enable this feature, please reach out to our Sales team.

Single sign-on (SSO) is an authentication method that enables users to access multiple applications with one set of login credentials. SSO provides companies greater control over their users. SSO enables more control over users’ access to Prismic and enhances security.

With SSO enabled, users can log in via the Sign in with SSO link on the Prismic login page and use their company’s authentication form.

Prismic supports all OAuth2 identity providers (IdP) including Google, Okta, Azure AD, and, Auth0.

To set up SSO, create a new application using the instructions for your IdP below:

Google

Go to the Credentials section of the Google Developer Console. Click on OAuth consent screen and add the following information.

Application Name

Prismic

Application Logo

Insert Prismic Logo

Support Email

support@prismic.io

Scope for Google API

email

profile

openid

Authorized domains

prismic.io

Application Homepage link

https://prismic.io

Application Privacy Policy

https://prismic.io/legal/privacy

Application Terms & Conditions

https://prismic.io/legal/terms-of-service

Then, click on Credentials > Create credentials. Select oAuth Client ID and then Web application. Save the form.

To provide access to existing users, assign them to the Prismic Google application. New users can be invited directly from the Prismic repository.

Finally, send the Client ID and Secret to your Customer Success Manager using encrypted email or a one-time link.

Okta

Go to Applications and click Add Application. Select Web as the platform and OpenID Connect as the Sign on method. Click Create and add the information below. Then, click Save and securely store the Client ID and Secret.

Application Name

Prismic

Login redirect URIs

https://prismic.io/sso/{yourEmailDomain}/callback

Next, go to the endpoints section of the Okta documentation. Securely store the /authorize, /token, and, /userinfo endpoints.

To provide access to existing users, assign them to the Prismic Okta application. New users can be invited directly from the Prismic repository.

Finally, send the Client ID, Client Secret, /authorize, /token, and, /userinfo endpoints to your Customer Success Manager using encrypted email or a one-time link.

OAuth2 IdPs

Go to your IdP’s dashboard and create a new Open ID Connect application using the callback URI: https://prismic.io/sso/{your-email-domain.com}/callback.

To provide access to existing users, assign them to the Prismic application. New users can be invited directly from the Prismic repository.

Then, send the clientID, clientSecret, authorizeUrl, accessTokenURL, scope, profileURL and, userInfoUrl to your Customer Success Manager using encrypted email or a one-time link.


Can't find what you're looking for?

Need technical Support? Spot an error in the documentation? Get in touch with us on our Community Forum.