Single Sign-On for Admins
- Enterprise
Setting up SSO
Only a team admin can configure SSO for a Postman Team.
- Log in to Postman, and start on the Postman Edit Team Details page. If the team is subscribed to an enterprise plan, the option to configure SSO will be displayed.
2. Select an authentication provider, or Identity Provider (IdP), from the dropdown.
3. Provide the necessary details to create an authentication.
4. The Identity Provider (IdP) details can be collected from here.
5. After configuring SSO on your IdP, you can enter IdP metadata manually or upload the metadata file in XML format which is generated by the IdP.
6. When the setup is done, admins can manually enable or disable the authentication from this page.
Postman does not email team members when SSO is set up, changed, or disabled. It is the responsibility of the admins to notify team members and convey the login URL to them so they can access Postman via SSO.
Managing user accounts
Creating end user account
To add an end user, create an account for the user in the Identity Provider (IdP). The first time a new user logs in to Postman via the IdP, a Postman account will be created only if the team has slots available and the Allow Signups box is checked while configuring the SSO. The user will be automatically associated to the team with a member role and will have access to team resources.
Existing user account
If a Postman user logs in to Postman via IdP, then the user will be associated to the team provided that:
- A team invitation exists for the user.
- The team has available slots and the Allow Signups box was checked while the admin configured the SSO.
Removing IdP access
Removing an end user from the IdP will prevent the user from being able to log in to the corresponding Postman account, but will not remove the account from Postman. To prevent access to team resources, we recommend removing the end user’s account from the Postman Team associated with the IdP.