Set up SSO and SAML
Configure single sign-on so your team logs in securely with your identity provider.

Single sign-on lets your team log in with the identity provider your firm already uses, so access is centrally managed and follows your existing offboarding process when someone leaves.
1. Start setup
From Workspace Settings → Security → SSO, choose your identity provider. PYNGYN supports standard SAML, so most identity providers work with the same general steps.
2. Configure your identity provider
You'll need to create a new application in your identity provider using the metadata PYNGYN provides on this screen (entity ID and ACS URL). Your IT admin typically handles this step.
3. Test before enforcing
Once connected, test with a single account before requiring SSO for your whole team, this avoids locking anyone out if a configuration detail needs adjusting.
4. Enforce SSO
When you're ready, turn on enforcement so all team members must sign in through your identity provider. Existing password-based logins are disabled at that point.
Need help with your specific provider?
Reach out to support with your identity provider's name and we'll walk through the specifics with you.