# Enterprise Single Sign-On (SSO)

{% hint style="info" %}
Enterprise single sign-on (SSO) is only available for Organisations on the Enterprise Plan.
{% endhint %}

## Overview

Enterprise Single Sign-On (SSO) creates a secure bridge between DinMo and your organisation's infrastructure, allowing authentication data to be sourced directly from your identity provider (IdP). This replaces traditional email/password-based authentication providing seamless and centralised access management.

With Enterprise SSO, you can efficiently manage large teams using third-party IdPs like Google Workspace. 

{% hint style="info" %}
DinMo continuously expands its list of supported IdPs. If your preferred IdP is not currently available, feel free to contact us for assistance.
{% endhint %}

DinMo's SSO implementation is based on the widely adopted **SAML 2.0** protocol, ensuring secure and standardised integration with your authentication system.

The DinMo SSO is activated at the DinMo **organisation level** and available for all related workspaces.

### Related documentation

* [SSO using Google Workspace](https://docs.dinmo.io/workspace-management/enterprise-single-sign-on-sso/sso-using-google-workspace)
* [SSO using Okta](https://docs.dinmo.io/workspace-management/enterprise-single-sign-on-sso/sso-using-okta)

## FAQ

> **Does DinMo support Just-In-Time (JIT) provisioning?**
>
> Currently, DinMo doesn’t offer JIT user provisioning. If an SSO user doesn’t have an existing DinMo account, their account won’t be created automatically.
>
> To add users:
>
> * Log in to your DinMo workspace.
> * Invite the user to join your workspace.
> * Assign the appropriate roles and permissions by navigating to **Settings > Members** and managing roles on the **Users & Permissions** page.