Enterprise SSO Documentation
Secure single sign-on for your organization
Enterprise Feature
SSO is available on the Enterprise plan. It allows your team to authenticate using your existing identity provider (IdP) like Okta, Azure AD, or Google Workspace.
Contact SalesOn This Page
Overview
Single Sign-On (SSO) allows your team members to access Vertos AI using their existing corporate credentials. This eliminates the need for separate passwords and provides centralized access control through your identity provider.
Benefits
- Centralized Access Control , Manage user access from your IdP
- Enhanced Security , Leverage your existing MFA and security policies
- Automatic Provisioning , Users are created automatically on first login
- Simplified Offboarding , Disable IdP access to revoke Vertos AI access
Supported Protocols
SAML 2.0
Industry-standard XML-based protocol for enterprise SSO
OIDC
Modern JSON-based protocol built on OAuth 2.0
Supported Identity Providers
Vertos AI supports SSO integration with all major identity providers. Click on a provider to view their setup documentation.
SAML Setup Guide
Step 1: Gather Service Provider Information
After activating Enterprise SSO, you'll receive the following information from your organization's SSO settings page:
https://clerk.vertosai.com/v1/saml/org_xxxhttps://clerk.vertosai.com/v1/saml/org_xxx/acshttps://clerk.vertosai.com/v1/saml/org_xxx/metadata.xmlStep 2: Configure Your Identity Provider
- 1
Create a new SAML application in your IdP admin console
- 2
Enter the Service Provider information from Step 1
- 3
Configure attribute mapping (see Attribute Mapping section)
- 4
Download the IdP metadata XML or certificate
Step 3: Complete Configuration
Send your IdP metadata to enterprise@vertosai.com or upload it through your organization's SSO settings page.
OIDC Setup Guide
OpenID Connect (OIDC) is a modern authentication protocol that may be simpler to configure than SAML for some identity providers.
Required Information from Your IdP
https://your-idp.com/.well-known/openid-configurationProvided by your IdPProvided by your IdP (keep secure!)Callback URL
Configure this as the authorized redirect URI in your IdP:
https://clerk.vertosai.com/v1/oauth_callbackAttribute Mapping
Configure your IdP to send these attributes in the SAML assertion or OIDC claims.
Required Attributes
| Attribute | Description | Example |
|---|---|---|
email | User's email address | user@company.com |
Optional Attributes
| Attribute | Description | Example |
|---|---|---|
firstName | User's first name | John |
lastName | User's last name | Doe |
department | User's department | Engineering |
role | User's role in the organization | admin |
Troubleshooting
"Invalid SAML Response" Error
This usually indicates a mismatch between the configured Entity ID and the actual issuer. Verify your IdP is using the exact Entity ID provided in your SSO settings.
"User Not Found" After SSO Login
Ensure your IdP is sending the email attribute correctly. Check that the email format matches your organization's verified domain.
Certificate Expiration
SAML certificates expire periodically. If SSO stops working suddenly, check if your IdP certificate needs renewal.
Need Help?
Our enterprise team is available to assist with SSO configuration and troubleshooting.