SSO
Integrate Prismic with your SSO provider.
Single sign-on (SSO) is an authentication method that enables users to access multiple applications with one set of login credentials. SSO provides companies greater control over their users. SSO enables more control over users’ access to Prismic and enhances security.
With SSO enabled, users can log in via the Sign in with SSO link on the Prismic login page and use their company’s authentication form.
Prismic supports all OAuth2 identity providers (IdP) including Google, Okta, Azure AD, and, Auth0.
To set up SSO, create a new application using the instructions for your IdP below:
Go to the Credentials section of the Google Developer Console. Click on OAuth consent screen and add the following information.
| Application Name | Prismic |
| Application Logo | Insert Prismic Logo |
| Support Email | support@prismic.io |
| Scope for Google API | email profile openid |
| Authorized domains | prismic.io |
| Application Homepage link | https://prismic.io |
| Application Privacy Policy | |
| Application Terms & Conditions |
Then, click on Credentials > Create credentials. Select oAuth Client ID and then Web application. Save the form.
To provide access to existing users, assign them to the Prismic Google application. New users can be invited directly from the Prismic repository.
Finally, send the Client ID and Secret to your Customer Success Manager using encrypted email or a one-time link.
Okta
Go to Applications and click Add Application. Select Web as the platform and OpenID Connect as the Sign on method. Click Create and add the information below. Then, click Save and securely store the Client ID and Secret.
| Application Name | Prismic |
| Login redirect URIs |
|
Next, go to the endpoints section of the Okta documentation. Securely store the /authorize, /token, and, /userinfo endpoints.
To provide access to existing users, assign them to the Prismic Okta application. New users can be invited directly from the Prismic repository.
Finally, send the Client ID, Client Secret, /authorize, /token, and, /userinfo endpoints to your Customer Success Manager using encrypted email or a one-time link.
OAuth2 IdPs
Go to your IdP’s dashboard and create a new Open ID Connect application using the callback URI: https://prismic.io/sso/{your-email-domain.com}/callback.
To provide access to existing users, assign them to the Prismic application. New users can be invited directly from the Prismic repository.
Then, send the clientID, clientSecret, authorizeUrl, accessTokenURL, scope, profileURL and, userInfoUrl to your Customer Success Manager using encrypted email or a one-time link.