SSO Integration

Single-Sign On (SSO) integration with identity providers like Okta

PopSQL offers Single-Sign On (SSO) integration for enterprise customers. This allows customers to manage their users’ access to PopSQL through an identity provider like Okta, and users can then use their identity provider to login to PopSQL.

For a full list of supported identify providers, see this article.

Once SSO integration is set up, when your users first login via SSO their account will be created and added to your organization based on their email address domain if you have Auto Join enabled. You can enable this feature on your organization's settings page.

If your organization does not have Auto Join enabled, users can still use SSO to login but they will not automatically be added to your organization. An admin of your organization will have to invite them individually.

Directory Sync

PopSQL also offers Directory Sync or System for Cross-Domain Identity Management (SCIM) integration. User provisioning is done just-in-time when the user first logs in. User deprovisioning is supported as well, when a user is removed, PopSQL will remove their account, but their data is retained in case customers need to access it still.

For a full list of supported identify providers, see this article.

Frequently Asked Questions

Can we use username/password login or “Sign in with Google” in parallel with SSO?
Yes, by default all login methods will continue to work.

Can we restrict users to only login via SSO?
No, at the time users can not be restricted to just SSO login. Please reach out to support if this is a requirement for your organization.

If our users have already created an account via username/password or “Sign in with Google”, will their account be preserved if they login via SSO?
Yes, if you have a user (ex. [email protected]) that has signed up with a password or through Google, when they sign in via SAML we will log them into the existing account with that email address ([email protected]).

Can we disable auto-join?
Yes you can disable auto-join and prevent users from automatically joining your organization during SAML login. You will have to invite them through the admin user’s page individually then.


Did this page help you?