# Single Sign-On (SSO) on Cloud

## How to Login to DecisionRules using Single Sign-On (SSO) <a href="#how-do-i-sign-into-contentful-with-my-corporate-credentials" id="how-do-i-sign-into-contentful-with-my-corporate-credentials"></a>

If your organization has the single sign-on (SSO) option enabled, on the Login page click on the “SSO” link at the bottom.

![How to login to DecisionRules using Single Sign-On (SSO)](https://437457296-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MN4F4-qybg8XDATvios%2Fuploads%2Fh0PI7A6e0y8FQY3pb2gE%2Fimage.png?alt=media\&token=7680ebbd-2a53-41b1-b8a0-0828a9633f6f)

Next, provide your email address with the SSO of your organization.

![DecisionRules Single Sign-On (SSO) Login Form](https://437457296-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MN4F4-qybg8XDATvios%2Fuploads%2FX8w372ASLavp5zKf3cZa%2Fimage.png?alt=media\&token=03c3b418-1227-4ddd-a07b-8f69caab02a7)

Enter your corporate email. You will be redirected to your provider's webpage to enter your credentials - **Username** and **Password**. After you have successfully entered them and logged in, will be redirected back to DecisionRules on your **Dashboard**.

{% hint style="info" %}
If you already have an account with corporate email, and the provider is in our database, there will be no change for you.
{% endhint %}

### Is the single sign-on feature available for all customers? <a href="#is-the-single-sign-on-feature-available-for-all-customers" id="is-the-single-sign-on-feature-available-for-all-customers"></a>

The single sign-on feature (SSO) is available for **on-premise**, **private cloud** and **public cloud** (large and higher) also for the current plans. To enable SSO for your organization, go to [organization settings](https://docs.decisionrules.io/doc/organization/settings).

### What Identity Providers (IdP) does DecisionRules support?

DecisionRules SSO works with all Identity Providers that support the SAML 2.0 protocol.

* Google SSO
* Keycloak
* Microsoft Entra ID
* Okta
* OneLogin
* Ping Identity

### How do I set up a single sign-on access for my organization?

To edit SSO for your organization, go to [organization settings](https://docs.decisionrules.io/doc/organization/settings).

| Variable         | Description                                                                                                                                               |
| ---------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **SSO Name**     | Domain in the email address - has to be unique                                                                                                            |
| **Entry Point**  | Identity provider entry point                                                                                                                             |
| **Issuer**       | Issuer string to supply to IdP                                                                                                                            |
| **Callback Url** | It is the URL that which provider call with the callback. Need to be set up on the provider. Something like: api.decisionrules.io/saml/callback           |
| **Certificate**  | Single line certificate string without the ------ BEGIN/END Certificate ------. You can simple use drop area and certificate will be parsed automatically |

{% hint style="info" %}
For more information contact us at <mark style="color:green;">**<sales@decisionrules.io>**</mark>
{% endhint %}