Configure general authentication behavior, SAML, and OIDC for your Omni organization.
Organization Admin permissions are required to access and modify authentication settings.
The Settings > Authentication page contains settings that control how users sign in to your Omni organization. From here, you can manage general authentication behavior and configure SAML or OIDC.
The General Settings section controls how Omni’s default authentication methods (Google and email link) behave when SAML or OIDC is enabled.
Disable default authentication methods (Google, email link) when SAML or OIDC is enabled
When enabled, users will only be able to sign in using your configured SAML or OIDC provider. Google and email link authentication will be disabled for all users.When disabled, users can continue to sign in using Google or email link in addition to your configured SSO provider.
Disable email link fallback authentication for all administrators when SAML or OIDC is enabled
This setting displays only when Disable default authentication methods is enabled.
By default, Organization Admins can sign in using email link authentication as a fallback in case other authentication methods are broken or unavailable. This ensures admins can always access Omni to troubleshoot identity provider issues.When enabled, this fallback is removed and Organization Admins must sign in using your configured SAML or OIDC provider.
Disabling the email link fallback can lock administrators out of Omni if your identity provider becomes unavailable or misconfigured. Make sure you have a recovery plan before turning this on.
After making changes, click Save general settings to apply them.
The SAML Configuration section is used to connect Omni to a SAML identity provider. For step-by-step setup instructions, refer to the guide for your identity provider:
The OIDC Configuration section is used to connect Omni to an OpenID Connect identity provider. For setup instructions, refer to the OIDC configuration guide.
