Single Sign-On (SSO)
Single Sign-On lets your team sign in to AgenticAnts with your corporate identity provider, so access follows your existing identity and offboarding processes.
ℹ
Enterprise feature. SSO is configured per organization, typically with help from your AgenticAnts contact for production tenants. Requires the Owner role.
What's supported
- OAuth / OIDC / SAML identity providers.
- Domain-based routing — users whose email is on your verified domain are routed to your organization's SSO and provisioned automatically.
- Encrypted credentials — provider client secrets are stored encrypted.
Setting it up
- In your identity provider, register an application for AgenticAnts and note the issuer/metadata, client ID, and client secret (or SAML metadata).
- Provide these to AgenticAnts to configure SSO for your organization and the email domain(s) to route.
- Test sign-in with a pilot user, then roll out to the organization.
ℹ
For provisioning at scale, the platform also supports SCIM (user provisioning) via the public API — see the API Reference.
Next steps
- Members & Roles — roles for provisioned users.
- Audit Logs — track access and changes.