Set Up SSO

Let your team sign in to Vidgram through your company's identity provider.

Single Sign-On (SSO) lets your team sign in to Vidgram using your company's identity provider -- like Okta, Microsoft Entra ID (Azure AD), Google Workspace, or JumpCloud. SSO is available on the Enterprise plan.

Before you start

You'll need:

  • A Vidgram workspace on the Enterprise plan
  • Owner access in Vidgram
  • Access to your company's identity provider admin console (or your IT admin's help)

Step 1: Start the SSO setup in Vidgram

  1. Open Settings from the sidebar.
  2. Scroll to the Single Sign-On section.
  3. Enter your company's email domain (e.g., acme.com). This is the domain your team uses to sign in.
  4. Click Configure SSO.

Vidgram creates the SSO connection and shows a "Setup required" status.

[SCREENSHOT: SSO card showing the domain input field and Configure SSO button]

Step 2: Open the identity provider configuration portal

  1. After creating the connection, click Configure Identity Provider. This opens a configuration portal in a new tab.
  2. The portal gives you the details you need to set up Vidgram in your identity provider: Entity ID, ACS URL, and other SAML or OIDC values.
  3. Follow the instructions for your specific identity provider.

Vidgram supports any identity provider that speaks SAML 2.0 or OIDC, including:

  • Okta
  • Microsoft Entra ID (Azure AD)
  • Google Workspace
  • JumpCloud
  • OneLogin
  • PingIdentity

[SCREENSHOT: Configuration portal showing SAML details to enter into your identity provider]

Step 3: Verify the connection

After your IT admin finishes the identity provider setup:

  1. Go back to the SSO section in Vidgram Settings.
  2. Click Check Status.
  3. If everything is set up correctly, the status changes to Active and shows the connected identity provider name.

If the status doesn't change, double-check the configuration values in your identity provider and try again. DNS and certificate propagation can take a few minutes.

[SCREENSHOT: SSO card showing Active status with the identity provider name]

Step 4: Test the connection

Click Test SSO Login to open a new tab and sign in through your identity provider. This confirms that the full login flow works before you roll it out to your team.

Enforce SSO for all team members

Once SSO is active, you can require every team member to sign in through your identity provider:

  1. In the SSO section, find the SSO Enforcement toggle.
  2. Turn it on.

When enforcement is on, team members can't sign in with email and password. They must use SSO. Make sure all team members are provisioned in your identity provider before turning this on.

Just-in-time (JIT) provisioning

When JIT provisioning is turned on, new users who sign in through your identity provider are automatically added to your Vidgram workspace. You don't need to invite them first.

Turn this on from the JIT Provisioning toggle in the SSO section.

Remove the SSO connection

  1. In the SSO section, click Remove Connection.
  2. Confirm the removal.

After removing SSO, team members will need to set a password to continue accessing Vidgram.

Troubleshooting

"SSO is available on the Enterprise plan" -- SSO requires the Enterprise plan. Contact us to book a demo and discuss your needs.

Status stuck on "Setup required" -- Your identity provider configuration isn't complete. Click Configure Identity Provider to review the setup details.

Status shows "Error" -- Something went wrong with the identity provider connection. Click Reconfigure to review the settings, or remove and re-create the connection.

Still stuck? Email us at support@vidgram.ai and we'll get back to you within one business day.