.svg)
Enpass supports Single Sign-On (SSO) for the Admin Console, allowing admins to authenticate through your organization's Identity Provider (IdP) rather than using a password or email verification code. Once SSO is configured and activated, you have the option to enforce it, making SSO the only permitted login method for all admins.
Before You Begin
-
You must be a Super Admin to configure or enforce SSO. Standard Admins do not have access to SSO settings.
-
SSO must be fully configured and successfully tested before it can be enforced. If you haven't set up your SSO connector yet, follow the complete setup guide first:
👉 Configure Single Sign-On for the Enpass Admin Console →
That guide covers connecting your IdP (Microsoft Entra ID, Google Workspace, or Okta), testing your configuration, and activating SSO as an available login option.
Enforcing SSO
Once SSO is activated (tested and enabled), you can enforce it to prevent admins from logging in via any other method:
-
In the Admin Console, navigate to Settings > Single Sign-On.
-
Locate your active SSO configuration.
-
Enable the Enforce SSO toggle.
Enforcing SSO will disable all other login methods (including password and email verification code) until the enforcement is lifted.
⚠️ Important: Before enforcing SSO, confirm that all admins have valid accounts in your IdP and can successfully authenticate through it. Enforcing SSO without verifying this could lock admins out of the console.
Lifting SSO Enforcement
To re-enable other login methods, return to Settings > Single Sign-On and disable the Enforce SSO toggle.