Single Sign-On (SSO) is available as a business feature in Lovable, enabling secure, centralized authentication across your organization. With SSO, users can access all their tools with one set of credentials, simplifying access management and improving security. Lovable supports both OIDC (OpenID Connect) and SAML protocols, enabling integration with all major identity providers including Okta, Microsoft Entra ID (Azure AD), Google Workspace, and more.

Setup SSO

To set up SSO, a Workspace Owner or Admin must log in and navigate to
Settings → Workspace → Identity, then follow the setup instructions.

OIDC Configuration

For OIDC providers, configure the following settings: Redirect URI: https://auth.lovable.dev/__/auth/handler Required Scopes:
  • email
  • openid

SAML Configuration

For SAML providers, configure the following settings: Redirect URI / ACS URL: https://auth.lovable.dev/__/auth/handler Audience URI / Entity ID: https://auth.lovable.dev/__/auth/handler Required Claims: Make sure the SAML response includes display_name and email as attributes. These attributes are required for authentication and user provisioning in Lovable.

Common Issues and Troubleshooting