Single Sign-On (SSO) with Auth0
Last updated: January 19, 2026
π Overview
Chamelio supports Single Sign-On (SSO) using Auth0.
SSO allows your organization to authenticate users through your existing identity provider, enabling employees to sign in using their corporate credentials instead of managing separate passwords.
Chamelio acts as a Service Provider (SP) and delegates authentication to your Identity Provider (IdP) via Auth0.
β¨ What SSO Enables
When SSO is enabled for your Chamelio workspace:
β’ Users sign in using your companyβs identity provider
β’ Password management and multi-factor authentication (MFA) are handled by your IdP
β’ User access can be centrally managed by your IT or security team
β’ Login is faster and more secure for end users
π Supported Identity Providers
Chamelio uses Auth0 for authentication, which supports a wide range of enterprise identity providers.
Commonly supported providers include:
β’ Okta
β’ Azure Active Directory (Entra ID)
β’ Google Workspace
β’ OneLogin
β’ Ping Identity
In addition, Auth0 supports any identity provider that implements SAML 2.0 or OpenID Connect (OIDC).
This list is not exhaustive. Many other enterprise, regional, or custom identity providers can be supported depending on protocol compatibility and configuration.
If your organization uses a different identity provider, please contact Chamelio to confirm compatibility and discuss setup options.
π Authentication Protocols
Chamelio supports the following authentication standards through Auth0:
β’ SAML 2.0
β’ OpenID Connect (OIDC)
Your organization can use either protocol based on your identity provider and internal security requirements.
π₯ User Provisioning and Access
SSO controls authentication only. Authorization within Chamelio is managed separately.
Access is determined by:
β’ Workspace membership
β’ Roles and permissions configured in Chamelio
Users must exist in Chamelio (or be allowed via auto-provisioning, if enabled) to access the platform after authenticating via SSO.
β Self-Serve Setup Process
SSO is implemented using a self-serve configuration flow.
Once requested, Chamelio will generate a secure, dedicated setup link that can be shared directly with your IT or security team. This link guides them through configuring SSO with your identity provider using Auth0.
High-level steps:
β’ Request an SSO setup link from Chamelio
β’ Chamelio generates and shares a secure configuration link
β’ Your IT team configures the IdP using the provided instructions
β’ Metadata or certificates are exchanged (for SAML) or client details are verified (for OIDC)
β’ Login is tested with a pilot user
β’ SSO is enabled for the workspace
Chamelio remains available to support and validate the configuration if needed.
β Common Questions
π Can SSO be enforced for all users?
Yes. Once enabled, Chamelio can require SSO for all users in the workspace.
π‘ Is multi-factor authentication supported?
Yes. MFA is supported and enforced through your identity provider.
π» Can users still log in with email and password?
This depends on your workspace configuration. Password-based login can be disabled once SSO is enforced.
π‘ Is SCIM supported?
SCIM availability depends on your plan and configuration. Contact Chamelio to discuss automated user provisioning and deprovisioning.
π Getting Started
To request SSO setup, email support@chamelio.ai.
Chamelio will generate a secure self-serve setup link that you can share with your IT or security team to complete the configuration.