SSO lets your team log in to OKRs Tool using your existing identity provider — no separate password needed. OKRs Tool supports SAML 2.0 via a wide range of providers.
Supported providers
- Google Workspace
- Microsoft Azure AD / Entra ID
- Okta
- OneLogin
- JumpCloud
- AD FS
- Custom SAML 2.0
Setting up SSO
- Go to Settings → Security → Single Sign-On
- Click Configure SSO
- Select your identity provider from the list
- Follow the provider-specific setup guide — you'll need to add OKRs Tool as a SAML application in your IdP and paste the metadata URL or XML
- Test the connection using the Test SSO button before enforcing it
- Once verified, toggle Enforce SSO to require SSO for all logins
Enforcing SSO
When SSO is enforced, email/password login is disabled. Users who previously signed in with a password will be redirected to your SSO provider on their next login. Make sure to test SSO thoroughly before enforcing it.
2FA
Two-factor authentication can be enabled organisation-wide under Settings → Security → Two-factor authentication. When enabled, all members must use 2FA on login. Individual members can also enable 2FA on their own profile under Settings → My account.
Always test SSO with at least one account before enforcing it organisation-wide. If SSO breaks, you may lock your team out. Contact support if you get locked out.
SSO is available on Scale and Expand plans.