PlatformAdministration

Single Sign-On (SSO)

Configure enterprise authentication for your Credal deployment

Overview

Credal works out of the box with OAuth authentication for Google and Microsoft, providing immediate access for your team. However, for enterprise deployments, we strongly recommend implementing SAML/SCIM for enhanced security and user management capabilities.

For enterprise organizations, we recommend upgrading to SAML (Security Assertion Markup Language) with SCIM (System for Cross-domain Identity Management) provisioning.

SAML is an alternative to OAuth while SCIM allows for synchronous user and group data push. For example, SCIM allows instant deactivation of offboarded employees in Credal.ai and other third-party apps.

Additional RBAC Controls

Enabling group-push via SAML/SCIM allows administrators to configure group access to roles in Credal such as administrator/developer.

Benefits of SAML/SCIM

  • Automated User Provisioning - Automatically create user accounts when added to your identity provider
  • Real-time Deprovisioning - Immediately revoke access when users leave your organization
  • Group Management - Sync organizational groups and permissions

Supported Identity Providers

Credal supports virtually all identity providers, including Okta, Azure Active Directory, and other SAML 2.0 compliant providers.

Setup

To configure SAML/SCIM for your Credal deployment, please contact your dedicated Credal team. Our team will send you an automated self-serve setup tutorial to,

  1. Configure your identity provider settings
  2. Set up SAML assertions and attribute mapping
  3. Enable SCIM provisioning
  4. Test the integration

We are available to assist with setup. Contact your Credal team to get started with SAML/SCIM configuration.

OAuth

Credal provides native OAuth integration with:

  • Google Workspace - Sign in with your Google accounts
  • Microsoft 365 - Sign in with your Microsoft accounts

OAuth is ready to use immediately with no additional configuration required.