You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/segment-app/iam/sso.md
+13Lines changed: 13 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -97,6 +97,19 @@ Enter your domain and click "Add Domain." When you click verify, you're given tw
97
97
> note ""
98
98
> **Note**: domain tokens expire 14 days after they are verified.
99
99
100
+
## Configuring SSO to access multiple workspaces
101
+
To configure SSO for multiple workspaces, your admin must configure access to each workspace as a separate app in your identity provider. You are unable to use verified domain(s) across multiple workspaces and will encounter the following error if you add a domain that is already verified in another workspace:
102
+
103
+
104
+
> warning ""
105
+
> **Warning**: This domain has already been claimed.
106
+
107
+
Once your admin has configured separate apps for each workspace in your IdP, the end-users can log in to the IdP and click on the relevant app for the workspace you are trying to access. This is also referred to as IdP-initiated SSO.
108
+
109
+
Two limitations do exist when multiple workspaces are configured to SSO access:
110
+
- Users will only be able to log in to the domain-verified workspace on Segment’s login page.
111
+
- Users must switch workspaces using IdP-initiated SSO, as they are unable to switch directly using the Segment UI.
0 commit comments