Configure SSO authentication for your Push.ai organization
Push.ai supports using Identity Providers (IdP) such as Okta to control authentication through single sign-on (SSO). We also support provisioning and deprovisioning Push.ai users along with managing their role assignments through SCIM (directory sync).
Push.ai supports the SAML protocol for single sign-on authentication. To initiate setup, contact our support team at support@push.ai. We’ll provide specific instructions and a test environment for setting up Push.ai with your preferred IdP.
After completing the SSO integration:
Email Requirements
The primary email of each user assigned to Push.ai in your IdP must match their Push.ai user’s email. Otherwise, they won’t be able to log in to their Push.ai account.
SCIM (System for Cross-domain Identity Management) enables you to:
In addition to standard attributes (id
, emails
, first_name
, last_name
), Push.ai requires the following custom attribute:
roles
→ <name_of_push_ai_role>
Examples: Admin
, Data
, or NormalUser
Important Notes about Roles - Role assignments must be non-empty - SCIM-enabled organizations do not have default roles - All role assignments must be explicitly managed through your IdP - Role names are case-insensitive
During initial SCIM setup:
roles
attributeFor detailed setup instructions specific to your IdP or additional support, please contact our support team at support@push.ai
Configure SSO authentication for your Push.ai organization
Push.ai supports using Identity Providers (IdP) such as Okta to control authentication through single sign-on (SSO). We also support provisioning and deprovisioning Push.ai users along with managing their role assignments through SCIM (directory sync).
Push.ai supports the SAML protocol for single sign-on authentication. To initiate setup, contact our support team at support@push.ai. We’ll provide specific instructions and a test environment for setting up Push.ai with your preferred IdP.
After completing the SSO integration:
Email Requirements
The primary email of each user assigned to Push.ai in your IdP must match their Push.ai user’s email. Otherwise, they won’t be able to log in to their Push.ai account.
SCIM (System for Cross-domain Identity Management) enables you to:
In addition to standard attributes (id
, emails
, first_name
, last_name
), Push.ai requires the following custom attribute:
roles
→ <name_of_push_ai_role>
Examples: Admin
, Data
, or NormalUser
Important Notes about Roles - Role assignments must be non-empty - SCIM-enabled organizations do not have default roles - All role assignments must be explicitly managed through your IdP - Role names are case-insensitive
During initial SCIM setup:
roles
attributeFor detailed setup instructions specific to your IdP or additional support, please contact our support team at support@push.ai