Single Sign-on Authentication

SigNoz supports single sign-on (SSO), allowing your users to authenticate through an external identity provider (IdP) such as Google Workspace instead of maintaining SigNoz-specific passwords.

Configure All SSO configuration under Settings → Organization Settings → Authenticated Domains

Google Workspace

Google Workspace SSO enables members of your email domain to access SigNoz using their Google accounts, eliminating the need for additional credentials.

Availability

• Plans: Community Edition , Teams , Enterprise
• Who can configure: Google Workspace Super-Admins or SigNoz Org Owners

Step‑by‑Step Setup

1. Create OAuth 2.0 credentials in Google Cloud

1. Visit the Google Cloud Console → Credentials.

2. Select or create a project for SigNoz.

3. Click Create credentials → OAuth client ID → Web application.

4. Add an Authorized redirect URI:

   https://${SIGNOZ_BASEURL}/api/v1/complete/google
   

5. Click Create and note the Client ID and Client Secret. You’ll paste these into SigNoz shortly.

2. Add your email domain in SigNoz

1. In SigNoz, go to Settings → Organization Settings → Authenticated Domains.
2. Click Add a Domain, then enter your company domain, e.g. user@your-email-domain.com.

3. Enable Google Authentication

1. After the domain appears in the list, click Configure SSO.
2. Choose Google Authentication.
3. Paste the Client ID and Client Secret from Google Cloud.
4. Click Save Settings.

4. Enforce SSO

Back in the domain list, toggle Enforce SSO. From now on, all the users with the user name format <user>@your-email-domain.com will be forced to log in through Google.

5. Test the setup

Open a private/incognito window and visit your SigNoz URL. You will be redirected to Google for authentication and then back to SigNoz.

Inviting new users

SSO does not auto‑provision accounts. Org Owners still need to invite people through Settings → Organization Settings → Invite Members.

Troubleshooting