Single Sign-On (SSO)
Enterprise SSO (SAML 2.0 / OIDC) is a roadmap capability delivered as a custom engagement, not a self-serve GA feature today. There is no self-serve "Configure SSO" screen, ACS URL, or Entity ID flow in the product yet. Today, users authenticate with email/password or Google/Microsoft social sign-in. If enterprise federation is a requirement for your deployment, contact your account manager so we can scope what is available for your environment.
Single Sign-On is designed to enable secure, centralized authentication for your Containment.AI organization.
Overview
SSO is designed to provide:
- Centralized authentication through your IdP
- Enforce corporate password policies
- Automatic session management
- Simplified user experience
Supported Protocols
SSO is designed around the standard enterprise federation protocols:
SAML 2.0
Standard enterprise federation protocol used by providers such as Okta, Azure AD / Entra ID, OneLogin, Ping Identity, Google Workspace, JumpCloud, and other SAML 2.0 IdPs.
OIDC (OpenID Connect)
Modern authentication protocol used by providers such as Okta, Auth0, Azure AD, Google, and Keycloak.
The exact set of supported providers and enforcement options is confirmed per engagement.
Getting Started
Enterprise SSO requires a custom implementation with your identity team. Contact your Containment.AI account manager or sales team to begin:
- Requirements gathering - Discuss your IdP, protocol (SAML/OIDC), and enforcement needs
- Architecture review - Confirm attribute and group mappings
- Implementation - Configure and connect the federation
- Testing - Verify sign-in and attribute mapping with a pilot group
- Production - Enforce and go live
Related Topics
- SCIM Provisioning - User automation
- Administrators - Admin management
- Enterprise Plan - Plan features
- Contact Sales - Get started