Setup SSO
To set up SSO, a Workspace Owner or Admin must log in and navigate toSettings → Workspace → Identity, then follow the setup instructions.
OIDC Configuration
For OIDC providers, configure the following settings: Redirect URI:https://auth.lovable.dev/__/auth/handler
Required Scopes:
emailopenid
SAML Configuration
For SAML providers, configure the following settings: Redirect URI / ACS URL:https://auth.lovable.dev/__/auth/handler
Audience URI / Entity ID: https://auth.lovable.dev/__/auth/handler
Required Claims: Make sure the SAML response includes display_name and email as attributes. These attributes are required for authentication and user provisioning in Lovable.
Common Issues and Troubleshooting
I already have an account, but I'm joining a business workspace that uses SSO. How do I log in?
I already have an account, but I'm joining a business workspace that uses SSO. How do I log in?
If you created your account using another login method (like email/password, Google, or GitHub), you’ll need to log in that way first. Once you’re logged in, navigate to Settings → Identity → Link with SSO. This will link your existing account to your SSO identity.
Important: If you attempt to log in with SSO before linking your existing account, you’ll see an error. This is a security measure to prevent unauthorized access. Log in using your original method first to complete the linking process.
Which SSO providers does Lovable support (Okta, Entra ID, Google SSO, etc.)?
Which SSO providers does Lovable support (Okta, Entra ID, Google SSO, etc.)?
Lovable supports all SSO providers that implement OIDC (OpenID Connect) or SAML protocols. This includes, but is not limited to: - Okta - Microsoft Entra ID (formerly Azure AD) - Google Workspace - Auth0 - OneLogin - - Any other OIDC or SAML-compliant identity provider Since we support the industry-standard OIDC and SAML protocols, you can integrate with any SSO provider that supports these protocols.