How to configure SSO for your organization

PreviousSecurity and compliance features NextJam for Customer Support

Last updated 4 days ago

Was this helpful?

How to configure SSO for your organization

To configure SSO for your Jam workspace:

Your team must be on the plan,
You must be a team admin.
You must have admin access to your identity provider (IdP)

Go to your team settings (General tab) and find Access section:
Click on the Setup button for Identity Provider option and follow a step-by-step walkthrough to configure SSO with your identity provider.
Once the SSO is successfully configured you’ll see your IdP listed on the page, and all team members will be able to log in using SSO:

How to configure Directory sync for your organization

Directory Sync allows you to automatically manage team members through your IdP. When Directory Sync is configured, any changes you make in your identity provider will automatically be synced in Jam.

Go to your team settings (General tab) and find Access section.
Click on the Setup button for Active directory option and follow a step-by-step walkthrough to configure directory sync with your identity provider.
Once the directory sync is successfully configured you’ll see your IdP listed on the settings page, under General tab:

Now, when a new user is added to your identity provider, that user will automatically be added to your Jam team.

User management

How you manage team members will depend on whether you have Directory Sync enabled.

With Directory Sync:

User provisioning happens in your identity provider. All team members will get an email once they are provisioned. Note: provisioned users get a Creator role by default.

You can also access the settings from Jam, under Team tab, using the Manage members option:

You’ll be redirected to a directory sync management page, where you can also provision access via user groups in your IdP by selecting which groups to sync:

User roles are managed manually in team settings in Jam. Note: mapping user groups to specific team roles is not supported.

Removing users: once you remove user from your identity provider they will automatically lose access to the Jam account associated with company email.

Without Directory Sync:

Provisioning and roles are managed directly in Jam. You can add users, change user roles, or remove users manually in your team settings:

PreviousSecurity and compliance features NextJam for Customer Support

Last updated 4 days ago

Was this helpful?

To configure SSO for your Jam workspace:

Your team must be on the plan,
You must be a team admin.
You must have admin access to your identity provider (IdP)

Go to your team settings (General tab) and find Access section:
Click on the Setup button for Identity Provider option and follow a step-by-step walkthrough to configure SSO with your identity provider.
Once the SSO is successfully configured you’ll see your IdP listed on the page, and all team members will be able to log in using SSO:

How to configure Directory sync for your organization

Directory Sync allows you to automatically manage team members through your IdP. When Directory Sync is configured, any changes you make in your identity provider will automatically be synced in Jam.

Go to your team settings (General tab) and find Access section.
Click on the Setup button for Active directory option and follow a step-by-step walkthrough to configure directory sync with your identity provider.
Once the directory sync is successfully configured you’ll see your IdP listed on the settings page, under General tab:

Now, when a new user is added to your identity provider, that user will automatically be added to your Jam team.

User management

How you manage team members will depend on whether you have Directory Sync enabled.

With Directory Sync:

User provisioning happens in your identity provider. All team members will get an email once they are provisioned. Note: provisioned users get a Creator role by default.

You can also access the settings from Jam, under Team tab, using the Manage members option:

You’ll be redirected to a directory sync management page, where you can also provision access via user groups in your IdP by selecting which groups to sync:

User roles are managed manually in team settings in Jam. Note: mapping user groups to specific team roles is not supported.

Removing users: once you remove user from your identity provider they will automatically lose access to the Jam account associated with company email.

Without Directory Sync:

Provisioning and roles are managed directly in Jam. You can add users, change user roles, or remove users manually in your team settings:

SSO is available on the Enterprise plan. Reach out to enable SSO for your team.