Search…
Single Sign-On (SSO)

Overview

For Enterprise-tier customers, Copia supports Single Sign-on, which enables users in your organization to sign-in and sign-up with an external identity provider.
Copia supports the following SSO features:
  • Just-in-Time (JIT) provisioning for users in your organization's email domain.
  • The option to require usage of SSO for any user with an email in your organization's domain.
  • Support and setup guides for over 20 OIDC and SAML Identity Providers including Shibboleth, Okta, OneLogin, Google, and many more.
Please refer to the bottom of this topic for some frequently asked questions

Configuration

To begin, access your organization settings by clicking on the gear icon on your organization's logo.
Select Single Sign-on in the left navigation bar.
We will detect your organization's email domain based on the users in your organization. If this domain is incorrect, contact us for assistance.
Click Configure SSO to continue.
Copia has partnered with WorkOS to provide a seamless SSO onboarding experience. In the WorkOS admin portal, you will be guided through the process of setting up your Identity Provider step-by-step.
After you have finished setup, you will see information about your Identity Provider in Copia:
This page will now allow you the option of requiring users in your organization and email domain to sign in and sign up with this Identity Provider.
Be careful when deleting your Identity Provider. Since Copia does not collect a password for users who sign up with SSO, some users in your organization may be unable to sign in until a new Identity Provider is added.

Usage

After configuring SSO, users can select "Sign in with SSO" from the main login screen to sign in with SSO based on their email domain.

Just-in-Time Provisioning

If your email domain has SSO setup, users in your domain who attempt to register for an account or sign in with SSO will be redirected to your Identity Provider to login. Upon successful login, an account will be created for them and they will be added to your organization.
It is still recommended to send users an email invite in order to set up their permissions in the app before they join. Users in your organization who receive an email invite will be redirected to SSO during account creation.

SSO FAQ

  • Does this feature support self-hosted systems?
    • There are different SSO options for self-hosted systems. Please contact Copia for more information.
  • Does Copia support SCIM provisioning?
    • We do not currently support SCIM provisioning but it is on our roadmap for future development.
  • Will this affect my already configured SAML SSO configuration?
    • No, Copia will continue to support your existing configuration, until you have the opportunity to migrate to the new offering.