Skip to main content
LiveEnterprise SSO

Live for Enterprise SSO-entitled workspaces

SAML SSO

Use this guide for Enterprise SSO-entitled workspaces.

Before you start

  • Confirm the workspace is entitled for Enterprise SSO.
  • Confirm an owner/admin has break-glass access outside the identity provider.
  • Collect the identity provider metadata, certificate, entity ID, and SSO URL.
  • Confirm the email claim matches Cadence user email addresses.

Configure SAML

  1. Open Admin.
  2. Select SSO.
  3. Choose SAML.
  4. Enter the identity provider metadata values.
  5. Save the configuration.
  6. Run the validation check.
  7. Test login in a fresh browser session before enforcing SSO for the workspace.

Verify

  • A tenant member can sign in through the identity provider.
  • A disabled or unauthorized identity provider user cannot access the workspace.
  • Break-glass owner/admin access remains available.

Boundary

SCIM provisioning is roadmap-labeled and should not be described as live account provisioning.