Skip to main content
All CollectionsIntegrations
Single Sign-On (SSO)
Single Sign-On (SSO)

Log in easily using your SSO provider.

Nicole Capobianco avatar
Written by Nicole Capobianco
Updated over a week ago

With Perdoo, your organization can use Google or SAML SSO (Single Sign-On) to access your account using only email addresses. If you're using an SSO provider like Okta, Onelogin, or Microsoft Azure Active Directory, you can benefit from Perdoo's support for SAML.

You can also use SSO with the Perdoo app for iOS or Android.

In this article:

💡 Pro tip: You can add 2FA (two-factor or multi-factor authentication) through our Single Sign-On (SSO) integration. Most SSO providers (Microsoft Azure, SAML, Google, etc.) allow you to enforce 2FA. Once this is enforced, 2FA will also be a requirement to log in to Perdoo.

Set up SSO

Configure Integration tab to set up SSO
  1. Go to Configure

  2. Click on Integrations tab

  3. Check the Enabled checkbox

  4. Enter Company Domain(s)

  5. Select if you'd like User provisioning or Strict authentication

  6. Select your Provider

  7. Click Save

Your options


Check (to enable SSO) or uncheck (to disable SSO) the checkbox.

Company Domains

Enter your company domain here. For multiple, separate your domains with a comma:

Multiple company domains listed

User provisioning

These settings control what happens if a user logs in via SSO that hasn't been created in Perdoo yet.

When enabled, it'll create a new standard user with the same email address. When disabled, the user will not be able to log in.

The fields that will populate automatically are first_name , last_name, and job_position.

Strict authentication

For added security, enforce SSO-only logins, by checking the checkbox. This prevents any user from logging in via email password, or performing a password reset.


Choose Google or a SAML (ADFS, OneLogin, Bitium, Okta, etc.) connection.

SAML attributes

The following SAML attributes are supported:



First name


Last name


Job position


Please note: The "role" field is currently not supported as a mapped field. All users auto-provisioned users will be created as standard users.

SAML information

ℹ️ Available on Premium and Supreme.

  • IdP Entity ID (aka. Metadata URL)

  • SSO URL (aka. SAML Sign In URL)

  • X509 Signing Certificate (in PEM or CER format)

Copy the following to your identity provider:


  • Entity ID

Need a hand?

Contact our friendly Support team via the in-app chat at the bottom-right of your screen, or email

Did this answer your question?