Product Guide
Product GuideAPI ReferenceChangelog
Start typing to search…

Single Sign-On (SSO)

Allows your team members to securely access the AiPrise Dashboard

Single Sign-On (SSO) allows your team members to securely access the AiPrise Dashboard using their existing credentials from trusted identity providers such as Google, Microsoft, or Okta. This removes the need for multiple passwords and ensures smoother, more secure authentication across your organization.

SSO is optional, and you can enable one or more providers based on how your team manages identity and access.

SSO Login Methods

AiPrise supports the following SSO providers:

  • Google
  • Microsoft
  • Okta

Users can choose the appropriate SSO option directly on the login page.

They may also continue signing in with:

  • Email + Password (if enabled by your organization)

You control which login methods are available from the Dashboard.

Configure SSO in AiPrise

To enable SSO:

  • Navigate to Settings → SSO Settings in the Dashboard.
  • Under Login Methods, ensure SSO Login is enabled.
  • Select one or more providers you want your organization to use:
    • Google
    • Microsoft
    • Okta
  • Click Save Changes.

Once enabled, users will see the corresponding SSO buttons on the login screen.

📘

Notes

  • SSO is available only for users added to your AiPrise organization.
  • If both Email Login and SSO Login are enabled, users may choose either option.
  • Removing users from your identity provider immediately revokes Dashboard access.

Domain Locking

Domain Locking allows you to restrict user invitations to specific email domains, ensuring that only users from approved organisations can be added to your AiPrise workspace.

When enabled, users can be invited only if their email domain matches one of the allowed domain patterns you configure. This helps enforce stronger access control and prevents unauthorized users from joining your organization.

Configure Domain Locking

To configure domain restrictions:

  • Navigate to Settings → SSO Settings in the Dashboard.
  • Under Domain Locking, add one or more allowed domain patterns.
  • Click Add and then Save Changes.

You can specify:

  • Exact domains (e.g. company.com)
  • Subdomains (e.g. hr.company.com)
  • Wildcards (e.g. *.company.com)
📘

Notes

  • If no domains are configured, all email domains are allowed by default
  • Domain Locking applies to user invitations, not existing users.
  • This setting works independently of SSO and can be used with Email Login, SSO, or both.
  • Users with email addresses outside the allowed domains cannot be invited to the organization.

Updated about 7 hours ago