























By default, enterprise SSO connections are configured by your team in the Clerk Dashboard. For every customer that needs SSO, someone on your side creates the connection, exchanges metadata with the customer's IT admin, tests it, and activates it. As your enterprise motion scales, that becomes a bottleneck. Self-serve SSO lets you delegate that configuration to your customers' IT admins, without giving them Dashboard access.
When you enable self-serve SSO for an Organization, a Security tab appears in that Organization's <OrganizationProfile />. An admin with the org:sys_entconns permission can set up the connection end-to-end from there:
TXT record.The connection is scoped to the Organization it's configured in and behaves like any other enterprise connection once it's live: users with a matching email domain sign in through the configured provider.
Self-serve SSO is available to applications using Organizations and is enabled per Organization. In the Clerk Dashboard, select an Organization, open its Settings, and turn on Allow this organization to set up SSO under Self-serve SSO. The Security tab then surfaces wherever your app renders <OrganizationProfile />.
For setup details and requirements, refer to the self-serve SSO documentation.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。