Skip to main content

Setup on

For Private Instance and Single-tenant installations

  1. Create a Support Ticket with the support team if one does not already exist.

  2. Provide the support team the IDP Metadata XML file containing the required values for your SSO Provider Application: Entity ID (Identity Provider Issuer), Single Sign-On URL (Redirect), Public x.509 Certificate (Signing),

  3. Once you are notified that the support team has completed the configuration on their side, you are ready to roll out SSO to your users.

For Public Instance Installations

Follow these steps to configure to use SAML:


An Administrator role in the organization on is required to make these changes.

  1. Go to the Organization Profile Page and browse to the Settings tab.

  2. On the Settings tab go to the Security section and configure the single sign-on options. Use the IDP Metadata XML file to get the values for setting these porperties.

  3. Click the Test SAML configuration button to test the configuration.

  4. Click Save if the test is successful. It may take a few minutes for the change to take effect for all organization members.


When you enable SSO for an organization, members of that organization will need to validate through the SSO provider to access any pages on, not just the organization’s.

All users of the organization will have their personal API tokens reset when SSO is enabled.

  • If they have integrations (such as Python) set up with this token, they will need to update the token within the integration.

  • If they have saved any query results as tables within, they will not be able to sync those tables. They will need to delete the tables and re-save the query results as a new table.