Skip to main content
SSO configuration is available on the Enterprise plan.
Charley supports Single Sign-On via SAML 2.0 and OIDC (OpenID Connect), letting your team authenticate through your existing identity provider (IdP).

Supported Identity Providers

  • Okta
  • Microsoft Entra ID (Azure AD)
  • Google Workspace
  • Any SAML 2.0 or OIDC-compliant provider

SAML 2.0 Setup

1

Create a SAML application in your IdP

In your identity provider, create a new SAML 2.0 application. You’ll need the following Charley values:
FieldValue
ACS URLhttps://your-tenant.us.auth0.com/login/callback
Entity IDurn:auth0:charley:<your-org-slug>
Name ID formatEmail address
2

Download the IdP metadata

After creating the app in your IdP, download the SAML metadata XML file.
3

Enter SSO settings in Charley

Go to SettingsSSO in the dashboard and enter:
  • IdP Metadata URL or paste the XML directly
  • Attribute mapping for email and display name
4

Test the connection

Click Test SSO to verify the configuration with a test login before enforcing SSO for all members.

OIDC Setup

1

Create an OIDC application in your IdP

Register a new OIDC/OAuth2 application. Set the Redirect URI to:
https://your-tenant.us.auth0.com/login/callback
2

Gather your credentials

Note the Client ID, Client Secret, and Issuer URL from your IdP.
3

Enter OIDC settings in Charley

Go to SettingsSSO and fill in:
  • Issuer URL
  • Client ID
  • Client Secret

Enforcing SSO

Once SSO is configured and tested, you can enforce SSO for your organization. When enforced:
  • Members must authenticate via the IdP — username/password login is blocked.
  • New members provisioned by the IdP are automatically added to the organization.
Enforce SSO only after confirming at least one admin can authenticate via the IdP. Locking yourself out requires contacting Charley support.