Configure SSO for Organization

ID: ORG-006 Priority: High Status: Planned

User Story

As an organization owner, I want to configure Single Sign-On with my company's identity provider so that employees can use their corporate credentials.

Acceptance Criteria

Support SAML 2.0 SSO configuration
Support OIDC/OAuth SSO configuration
Test connection before enabling
Auto-provision users on first SSO login (JIT provisioning)
Map SSO attributes to user profile fields
Option to require SSO for all org members
Bypass SSO for emergency admin access
Support multiple SSO providers per organization

Technical Notes

Implement SAML assertion consumer service
Store SSO configuration securely (encrypted secrets)
Certificate management for SAML
Consider using passport-saml and passport-openidconnect
Metadata endpoint for easy IdP configuration

New feature - enterprise SSO capability

979 B Raw Blame History

Configure SSO for Organization

User Story

Acceptance Criteria

Technical Notes

Related TODOs

979 B

Raw Blame History