Directory Sync and SSO

Configuring SAML SSO, OIDC, SCIM directory sync, and just-in-time provisioning.

Single Sign-On (SSO)

PlugIQ supports SSO via SAML 2.0 and OpenID Connect (OIDC). When SSO is enabled, workspace members authenticate through your identity provider (IdP) rather than with a PlugIQ username and password.

Configuring SAML SSO

  1. Go to Settings → Security → SSO.
  2. Click Configure SAML.
  3. Download the PlugIQ Service Provider metadata XML and upload it to your IdP.
  4. Enter your IdP’s metadata URL or paste the XML.
  5. Map the required SAML attributes: email, first_name, last_name.
  6. Enable SSO and optionally enforce it.

Directory Sync (SCIM)

SCIM 2.0 directory sync automatically provisions and deprovisions user accounts as your IdP’s directory changes. Users added in your IdP are automatically invited to PlugIQ; users removed are automatically deactivated.

Managing Users and Groups Data Retention
Back to Administration