# Single Sign-On (SSO) on Cloud ## How to Login to DecisionRules using Single Sign-On (SSO) If your organization has the single sign-on (SSO) option enabled, on the Login page click on the “SSO” link at the bottom. ![How to login to DecisionRules using Single Sign-On (SSO)](https://437457296-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MN4F4-qybg8XDATvios%2Fuploads%2Fh0PI7A6e0y8FQY3pb2gE%2Fimage.png?alt=media\&token=7680ebbd-2a53-41b1-b8a0-0828a9633f6f) Next, provide your email address with the SSO of your organization. ![DecisionRules Single Sign-On (SSO) Login Form](https://437457296-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MN4F4-qybg8XDATvios%2Fuploads%2FX8w372ASLavp5zKf3cZa%2Fimage.png?alt=media\&token=03c3b418-1227-4ddd-a07b-8f69caab02a7) Enter your corporate email. You will be redirected to your provider's webpage to enter your credentials - **Username** and **Password**. After you have successfully entered them and logged in, will be redirected back to DecisionRules on your **Dashboard**. {% hint style="info" %} If you already have an account with corporate email, and the provider is in our database, there will be no change for you. {% endhint %} ### Is the single sign-on feature available for all customers? The single sign-on feature (SSO) is available for **on-premise**, **private cloud** and **public cloud** (large and higher) also for the current plans. To enable SSO for your organization, go to [organization settings](https://docs.decisionrules.io/doc/organization/settings). ### What Identity Providers (IdP) does DecisionRules support? DecisionRules SSO works with all Identity Providers that support the SAML 2.0 protocol. * Google SSO * Keycloak * Microsoft Entra ID * Okta * OneLogin * Ping Identity ### How do I set up a single sign-on access for my organization? To edit SSO for your organization, go to [organization settings](https://docs.decisionrules.io/doc/organization/settings). | Variable | Description | | ---------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | | **SSO Name** | Domain in the email address - has to be unique | | **Entry Point** | Identity provider entry point | | **Issuer** | Issuer string to supply to IdP | | **Callback Url** | It is the URL that which provider call with the callback. Need to be set up on the provider. Something like: api.decisionrules.io/saml/callback | | **Certificate** | Single line certificate string without the ------ BEGIN/END Certificate ------. You can simple use drop area and certificate will be parsed automatically | {% hint style="info" %} For more information contact us at **** {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.decisionrules.io/doc/access/cloud/single-sign-on-sso.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.