sso
The single sign-on (SSO) configuration option is for allowing the usage of specific identity providers (IdPs) defined in Reunite. This configuration determines which IdPs are available for logging in to a project. Configuring SSO by itself does not require users to log in to access a project. To require login to a project, rbac
or requiresLogin
must also be configured.
Options
Option | Type | Description |
---|---|---|
sso | array | List of identity provider types from Reunite. Values can include: REDOCLY, CORPORATE, or GUEST or Default value: |
Examples
Disable SSO
The following example is a sso
configuration that disables SSO:
sso: []
After applying this configuration, if you have rbac
configured for the same project, and there are pages assigned to the authenticated
default team, those pages are not accessible to anyone. Otherwise, if you do not have rbac
configured, or you have all pages assigned to the anonymous
default team, all pages are accessible.
Allow Guest and Redocly IdP
The following example allows users to use the GUEST
and REDOCLY
identity providers (IdPs):
sso: - GUEST - REDOCLY
Related options
- View all options for configuring RBAC for a project in the rbac reference documentation.
- If you do not want to use RBAC, you can use the requiresLogin reference documentation to require login for all users to your project.
Resources
- Learn more about the different IdP types in Reunite and how they apply to projects in the Single Sign-on concept.
- Follow steps for how to Add an identity provider in Reunite.
- If you have already added multiple IdP types in Reunite, you can Configure SSO to allow your users to use multiple IdP types for a project,
- For more complex scenarios where you need to grant access to specific content for specific users, you need Role-based access control (RBAC).