Single sign-on
Authenticate with Retool using Single Sign-on.
Single sign-on (SSO) is a user authentication tool that enables users to securely access multiple applications and services using one set of credentials. Rather than require users to create additional usernames and passwords for Retool, you can centralize logins to a single identity provider (IdP). SSO is primarily used for authentication, though Retool also supports syncing groups for authorization.
Retool organizations on every plan can use Sign in with Google. Organizations on the Enterprise plan can configure additional SAML and OIDC providers that Retool supports, or configure a custom SSO provider. You can also map the roles in your IdP to Retool permission groups, or use Retool's SCIM integration to automatically provision users.
Get started
Follow an SSO quickstart guide to get started.
ADFS
Active Directory Federation Services SAML.
Auth0
Auth0 with OIDC.
Microsoft Entra ID
Microsoft Entra ID OIDC and SAML.
Custom
Custom OIDC and SAML provider.
Google OIDC and Sign-in with Google.
Okta
Okta OIDC and SAML.
OneLogin OIDC
Protect workflows with Source Control.