Single Sign-On (SSO)

Single Sign-On (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials.

Bytebase supports the following standard protocols that provide SSO:

Prerequisites

Configure External URL.

Create SSO provider

As a Workspace Admin, you can create a SSO provider with the following steps:

  1. Go to the Settings page.

    settings-sso

  2. Click Create to start creating SSO.

  3. Fill in all the required fields.

    create-sso-dialog

Sign in with SSO

Bytebase employs JIT (Just-In-Time) user provisioning. It will create the user the first time the user signs in.

Once a valid SSO has been created, the user can choose the configured SSO provider to sign in.

sign-in-with-github

Enforce SSO Sign-in

As a Workspace Admin, you can enforce SSO sign-in for all users in the workspace.

Go to the Settings > Workspace > General, find the Security section and turn on the Disallow signin with email&password option.

bb-disallow-emailpass-only-sso

Afterwards, when the user tries to sign in, the only option is to sign in with the configured SSO provider.

bb-only-sso

In case of an emergency, the admin can log in by navigating to <YOUR_URL>/auth/admin and entering the email and password.

Edit this page on GitHub

Subscribe to Newsletter

By subscribing, you agree with Bytebase's Terms of Service and Privacy Policy.