Setup SSO
To set up SSO, a Workspace Owner or Admin must log in and navigate toSettings → Workspace → Identity, then follow the setup instructions.
OIDC Configuration
For OIDC providers, configure the following settings: Redirect URI: https://auth.lovable.dev/__/auth/handler Required Scopes:emailopenid
SAML Configuration
For SAML providers, configure the following settings: Redirect URI / ACS URL: https://auth.lovable.dev/__/auth/handler Audience URI / Entity ID: https://auth.lovable.dev/__/auth/handler Required Claims: Make sure the SAML response includes display_name and email as attributes. These attributes are required for authentication and user provisioning in Lovable.Common Issues and Troubleshooting
I already have an account, but I'm joining a business workspace that uses SSO. How do I log in?
I already have an account, but I'm joining a business workspace that uses SSO. How do I log in?
If you created your account using another login method (like email/password,
Google, or GitHub), you’ll need to log in that way first. Once you’re
logged in, navigate to Settings → Identity → Link with SSO. This will link
your existing account to your SSO identity.
Important: If you attempt to log in with SSO before linking your
existing account, you’ll see an error. This is a security measure to
prevent unauthorized access. Log in using your original method first to
complete the linking process.
Which SSO providers does Lovable support (Okta, Entra ID, Google SSO, etc.)?
Which SSO providers does Lovable support (Okta, Entra ID, Google SSO, etc.)?
Lovable supports all SSO providers that implement OIDC (OpenID Connect)
or SAML protocols. This includes, but is not limited to: - Okta - Microsoft
Entra ID (formerly Azure AD) - Google Workspace - Auth0 - OneLogin - - Any
other OIDC or SAML-compliant identity provider Since we support the
industry-standard OIDC and SAML protocols, you can integrate with any SSO
provider that supports these protocols.