SSH BridgeSSH Bridge
Security

SSO with SAML and OIDC

SSH Bridge can use company single sign-on so team members authenticate through your identity provider instead of managing separate SSH Bridge passwords.

Supported Protocols

SSO supports SAML and OIDC providers. Common providers include Google Workspace, Microsoft Entra ID, Okta, Auth0, OneLogin, and other standards-based identity platforms.

Verified Company Domains

A company domain should be verified before SSO is enforced. Domain verification helps SSH Bridge match company worker accounts to the right organization and prevents accidental access from personal email domains.

Company Worker Accounts

After SSO is configured, company workers can sign in with the configured identity provider. Owners and admins can manage access using team roles, invitations, and plan limits.

Setup Checklist

  1. Make sure your plan includes SSO.
  2. Create a SAML or OIDC application in your identity provider.
  3. Add the callback, entity, issuer, and certificate details from SSH Bridge.
  4. Verify your company domain.
  5. Test sign-in with an owner or admin account before inviting the wider team.

Access Control

SSO controls authentication. SSH Bridge team roles and shared resources still control what each person can see or use after they sign in.