Restrict SSO domains

Learn how to restrict SSO authentication to a list of approved domains.

Available on:Enterprise plan

You can restrict SSO authentication so that only users with email addresses from these domains are allowed. Separate multiple domains with commas.

On self-hosted deployments, this setting also disables username and password login. It is set using the RESTRICTED_DOMAIN environment variable.

Cloud-hosted organizations

1. Navigate to your organization's Single Sign On (SSO) settings.
2. Select your configured SSO provider.
3. Specify one or more domains as a comma-separated list.

Self-hosted organizations

1. Navigate to Settings > Single Sign-on (SSO).
2. Select your configured SSO provider.
3. Specify one or more domains as a comma-separated list.

This setting disables username and password login. It is also set using the RESTRICTED_DOMAIN environment variable.