Manage Users with SSO
Enterprise SSO affects how users are authenticated and managed in your Rillet organization.
Important:
Enterprise SSO handles authentication only. It does not automatically provision users in Rillet.
Before a team member can log in using SSO, invite them through Organization Settings > Members & Roles > Members.
Once Enterprise SSO is enabled, user management depends on whether a user’s email domain is verified. You can continue to add and manage users by following the Manage Members guide.
Users with Non-Verified Domains
When inviting a user whose email domain does not match any verified SSO domains (for example, an external consultant or auditor), you can choose their authentication method:
Standard (magic link, OTP, or OAuth)
Enterprise SSO
You can switch a user’s authentication method between Enterprise SSO and Standard at any time from the member’s settings.
Users with Verified Domains
If a user’s email domain matches one of your verified organization domains, Enterprise SSO is automatically assigned as their only authentication method.
This cannot be changed. All users on verified domains must authenticate through your identity provider. Other login methods (magic link, one-time password, Google or Microsoft OAuth) are not available for these users.
How Users Log In with SSO
Once a user has been invited to your Rillet organization, the login flow works as follows:
Enter your email address on the Rillet login page.
Rillet detects that SSO is enabled for your email domain and redirects you to your identity provider.
Authenticate using your identity provider (credentials, MFA, and other methods).
After successful authentication, you are redirected back to Rillet and logged in automatically.
See Also
To learn more about SSO setup and related configuration, see the following articles:
Last updated