Skip to main content
All CollectionsEnterprise SSO
Setting up Enterprise Single Sign On

Setting up Enterprise Single Sign On

A guide on how to set up enterprise single sign on for your teamspace

C
Written by Carmen Fan
Updated this week

This guide outlines how to configure Single Sign-On (SSO) in 3D Repo using either OpenID Connect (OIDC) or SAML. 3D Repo supports both authentication protocols, enabling secure and streamlined user access management across your organization.

3D Repo supports integration with any identity provider that uses OIDC or SAML, and uses email address as the unique identifier for all user accounts. To configure SSO, please ensure your identity provider includes the user's email in the appropriate claim.

The following section describes the configurations required to set this up, if you require an in-depth guide on how to set this up within Microsft Entra ID, please refer to the following guides:

For OIDC (OpenID Connect)

Our redirect URL:

https://auth.3drepo.io/oauth/account/oidc/callback

Please provide the following details to your support contact:

  • Issuer URL

  • Application ID

  • Application Secret

  • List of domains (See Domain Claim)

For SAML

Our Identifier:

https://auth.3drepo.io

Our redirect URL:

https://auth.3drepo.io/account/saml/callback

Please provide the following details to your support contact:

  • A copy of the Federation Metadata XML

  • List of domains (See Domain Claim)

Domain claims

You will also need to specify which domain(s) should use this method of authentication. Anyone associated with a teamspace whose email domain matches the one you've configured will be redirected to this application for authentication.

For example, if you're setting up the application for all Asite employees, you would specify asite.com so that anyone with an @asite.com email address is directed to authenticate via this method.

If you also have subcontractors from other companies and want to manage their access through guest accounts in your tenant, you can include their email domains as well.

Please note that multiple SSO connections can be configured within a single teamspace. You're not limited to a single connection for all users—this gives you flexibility in managing access across different domains and organizations.

Did this answer your question?