Introduction
Only organizations with an Enterprise plan are able to use SAML SSO. Contact us to get started with Enterprise.
Set up SAML SSO
Choose your email domains
You can claim multiple email domains and subdomains for your Organization. Any user that attempts to sign up with an email domain that matches your claimed domain will be required to use SAML SSO. Your claimed domains should match what your Identity Provider will report for your users. If you use email domain aliases, you should provide them to Replit as well to prevent your users from signing up without using SAML. For example, if your company uses email domains matchingacmeco.com
, foo.acmeco.com
, and acmebiz.com
you should provide all of these to Replit.
Replit must be able to verify that your organization owns these domains. If you need to add additional domains in the future you can contact us at support@replit.com.
Setup Replit in your Identity provider
Create a new application or service in your Identity Provider using the following- Service Provider (SP) Entity ID: Your Replit representative will provide this.
- SSO URL:
https://replit.com/__/auth/handler
Replit enables your SAML SSO
Once you’ve setup Replit in your Identity Provider, please provide your Replit representative with the following:- Identity Provider (IdP) entity ID: This identifies your IdP to Replit
- IdP SSO URL: This is the URL Replit will send users to when authenticating with your IdP
- Signature Certificate: An X509 certificate that Replit uses to verify authentication responses from your IdP.
Using SAML SSO
Signing up in with SAML will not automatically invite users to your organization. For automated user management and bulk operations, see SCIM instead.