Single Sign-On (SSO) is an authentication method that allows users to securely authenticate with multiple applications and websites, including StrongDM. StrongDM customers often leverage SSO to make infrastructure access as simple as accessing any other business application.
SSO can be implemented with StrongDM using either OIDC or SAML.
Do you plan to use SSO?
Yes, with OIDC: Explore our documentation for OIDC SSO:
Yes, with SAML: Explore our documentation for SAML SSO:
Yes, with OAuth:
No: If you don’t plan to implement SSO, your users will be managed by StrongDM through the Admin UI:
Provisioning with SCIM
SSO provides the base functionality where your users can authenticate to StrongDM using their organization-wide credentials. SCIM (System for Cross-Domain Identity Management) takes this a step further by automating identity and access provisioning.
In other words, with SSO only, an administrator must still manually manage the roles and permissions of each user within the context of StrongDM. By implementing SCIM, an organization can automatically create, update, and deprovision users and their roles within StrongDM based on their status within the organization. SCIM groups will map to roles within StrongDM.