What Is SAML SSO?

SAML Single Sign-On (SSO) allows your team members to sign in to Bugalou using your company's identity provider (IdP), such as Okta, Azure AD, Google Workspace, or OneLogin. This eliminates the need for separate passwords and centralizes access management.

Benefits of SSO

• Simplified login — team members use their existing company credentials
• Centralized access control — manage access from your identity provider
• Improved security — reduces password fatigue and enforces company security policies
• Automatic provisioning — new team members can access Bugalou instantly

Enabling SSO

To enable SAML SSO for your organization:

1. Navigate to Settings → Organization Settings → Security
2. Find the "SAML Single Sign-On (SSO)" section
3. Toggle the switch to enable SSO
4. Configure your identity provider with the Bugalou SSO details
5. Click "Save Settings"

Identity Provider Configuration

When setting up your IdP, you'll need the following Bugalou details:

• ACS URL (Assertion Consumer Service) — provided in the SSO settings panel
• Entity ID — your unique Bugalou organization identifier
• Name ID format — typically emailAddress

Required Attributes

Your IdP must send the following SAML attributes:

Attribute	Description
email	User's email address (used for matching)
firstName	User's first name
lastName	User's last name

How SSO Login Works

1. Team member clicks "Sign in with SSO" on the Bugalou login page
2. They are redirected to your company's identity provider
3. After authenticating, they are redirected back to Bugalou and logged in automatically

Disabling SSO

To disable SSO, toggle the switch off in the Security settings and save. Team members will need to use their Bugalou password to sign in. If they don't have one, they can use the "Forgot Password" flow to set one up.

For general security settings, see Security & Password Management. To set up personal two-factor authentication, see Two-Factor Authentication (2FA).