Sign in
An image of the Stripe logo
Create account
Sign in
Support
Overview

Single sign-on
Beta

Authenticate to the Stripe Dashboard with an Identity Provider.

Single sign-on for the Dashboard is currently in invite-only beta.

What is SSO?

Single sign-on (SSO) is an account security feature which allows customers to mandate sign-in requirements and team member access to systems like the Stripe Dashboard. Specifically, Stripe supports Security Assertion Markup Language (SAML) version 2.0, allowing authentication and team member account creation to be deferred to the Identity Provider (IdP).

If your identity provider is compromised, unauthorized parties may be able to access your Stripe Account. You are responsible for assessing the security requirements of your business, and selecting and implementing security procedures and controls appropriate to mitigate your exposure to security incidents.

Benefits of SSO

Using SSO to authenticate to the Stripe Dashboard has two main benefits:

  • Security improvements
    • Allow team members to access the Dashboard without needing to create a password.
    • Leverage authentication decisions defined through an IdP, such as password policies and mandating two-factor authentication.
  • Easily manage access
    • Allow new team members to instantly sign in to the Dashboard using Just-in-Time account provisioning.
    • Revoke Dashboard access, as needed.

Features

We support:

  • SSO configuration options - Configure Stripe accounts to either mandate SSO for all team members or allow sign in using SSO or email and password.
  • Just-in-Time account creation - Provision new Stripe accounts for team members without existing access, upon their first SSO sign-in.
  • Custom Dashboard roles for team members - Configure Dashboard roles through the IdP. This is compatible with dashboard roles.
  • IdP-initiated login - Directly authenticate from an Identity Provider’s website or browser extension, assuming the IdP supports Service Provider-initiated login.

We don’t currently support:

  • User Deletion in SAML—Due to the limitations of SAML, Stripe won’t be notified if user access is revoked in IdP. When users try to login through SSO again after the current session expires, their access will be revoked by Stripe. If this needs to happen instantly, you can delete the users in the team page.

  • System for Cross-domain Identity Management (SCIM) - SCIM is a protocol that an IdP can use to synchronize user identity lifecyle processes (for example, provisioning and deprovisioning access, populating user details) with the Service Provider, such as Stripe.

Was this page helpful?
Questions? Contact us.
View developer tutorials on YouTube.
Check out our product changelog.
Powered by Markdoc
On this page
What is SSO?
Benefits of SSO
Features
Stripe Shell
Test mode
                        ▗▄
         ▄▟█           █▀▀
▗▟████▙▖ ██████ ███▗▟█ ███ ███▗▟██▙▖ ▗▟█████▙▖
███▖  ▀▀ ███    ███▀▀▀ ███ ███▀  ███ ███   ███
▝▜████▙▖ ███    ███    ███ ███   ███ █████████
▄▄  ▝███ ███  ▄ ███    ███ ███▄  ███ ███    ▄▄
▝▜████▛▘ ▝▜███▛ ███    ███ ███▝▜██▛▘ ▝▜█████▛▘
                           ███
                           ▀▘


Welcome to the Stripe Shell!

Stripe Shell is a browser-based shell with the Stripe CLI pre-installed. Login to Stripe
docs and press Control + Backtick on your keyboard to start managing your Stripe resources
in test mode.

- View supported commands: 
- Find webhook events: 
- Listen for webhook events: 
- Call Stripe APIs: stripe [api resource] [operation] (e.g. )
The Stripe Shell is best experienced on desktop.
$