SSO Management

When using tenants in Descope, it's common to connect external IdPs and associate them to your tenants as well. These are what we call SSO Tenants, and can be managed a couple of different ways.

Overview of SSO Management

With Descope, you can configure tenant-specific SSO, manage attributes and group mappings, and provide a seamless authentication experience across all tenant applications. Each tenant is allowed to integrate with their preferred identity provider (IdP), such as Okta, Azure AD, or Google Workspace.

Descope’s tenant SSO features include self-service configuration, testing of SSO connections, and the ability to map custom claims to user roles, groups, or other attributes.

Managing SSO Settings

These SSO settings can be managed different ways, depending on your preference.

Descope Console

You can modify your Tenant settings and attributes, as well as create and delete them, all from the Tenants page in the Descope Console.

Management SDKs

Visit our Management SSO section to see all of the various ways you can manage SSO authentication in your backend with our Management SDKs.

Self Service SSO Configuration

Tenant admins can also configure their own SSO, using our self-service SSO configuration widget. If you would like to learn more about how to use this widget, you can visit our section on this here

Other Relevant Documentation

Here are links to some other guides that are relevant to effectively managing tenant-based SSO.

Was this helpful?

Previous

Add User to Tenant

Next

Authorization with SSO Providers

On this page

SSO ManagementOverview of SSO ManagementManaging SSO SettingsDescope ConsoleManagement SDKsSelf Service SSO ConfigurationOther Relevant Documentation