> ## Documentation Index
> Fetch the complete documentation index at: https://docs.ghostsecurity.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Single Sign On

> Setting up single sign-on for SAML and OIDC

Ghost supports single sign-in with any SAML 2.0 or OIDC compliant platform.

## SAML

### Required setup

To create your SAML integration, follow these steps:

<Steps>
  <Step title="Domain">Let the Ghost team know your company domain - e.g. `company.com`.</Step>

  <Step title="SAML Settings">
    <p>The Ghost team will provide you with a unique `SSO URL` and `Entity ID`.</p>
    <p>The `SSO URL` will be in a format like `https://app.ghostsecurity.ai/auth/saml/acs/<UUID>`. Depending on your platform, this may also be referred to as the Assertion Consumer Service URL or `ACS URL`.</p>
    <p>The `Entity ID` will be in a format like `https://app.ghostsecurity.ai/auth/saml/metadata/<UUID>`. Depending on your platform, this may also be referred to as the `Audience URI`.</p>
    <p>Enter these values when configuring your SAML application for Ghost.</p>
  </Step>

  <Step title="Constraints">
    <p>Next, set the `Name ID` and `Application username` values.</p>
    <p>Set the `Name ID` format to: `EmailAddress`</p>
    <p>Set the Application `username` to: `Email`</p>
  </Step>
</Steps>

Optionally, set the `name` and `role` attributes:

<Steps>
  <Step title="Name">Set the `name` attribute to `user.firstName`.</Step>
  <Step title="Role">Set the `role` attribute to `user.ghost_role`.</Step>
</Steps>

### Final setup

<Steps>
  <Step title="Metadata URL">Provide the **Metadata URL** generated by your IdP to the Ghost team. It will be a URL in a format like `https://<idp-provider>.com/app/yourappid/sso/saml/metadata`. </Step>
  <Step title="Assign users">Assign the appropriate users to your SAML application so they can login to the Ghost platform.</Step>
</Steps>

## OIDC

Coming soon.