What is SSO?

Single sign-on (SSO) is an account security feature which allows customers to mandate sign-in requirements and team member access to systems like the Stripe Dashboard. Specifically, Stripe supports Security Assertion Markup Language (SAML) version 2.0, allowing authentication and team member account creation to be deferred to the Identity Provider (IdP).

Benefits of SSO

Using SSO to authenticate to the Stripe Dashboard has two main benefits:

• Security improvements
  • Allow team members to access the Dashboard without needing to create a password.
  • Leverage authentication decisions defined through an IdP, such as password policies and mandating two-factor authentication.
• Easily manage access
  • Allow new team members to instantly sign in to the Dashboard using Just-in-Time account provisioning.
  • Revoke Dashboard access, as needed.

Features

We support:

• SSO configuration options
  Configure Stripe accounts to either mandate SSO for all team members or allow sign in using SSO or email and password.
• Just-in-Time account creation
  Provision new Stripe accounts for team members without existing access, upon their first SSO sign-in.
• Custom Dashboard roles for team members
  Configure Dashboard roles through the IdP. This is compatible with dashboard roles.
• IdP-initiated login
  Directly authenticate from an Identity Provider’s website or browser extension, assuming the IdP supports Service Provider-initiated login.

We do not currently support:

• System for Cross-domain Identity Management (SCIM)
  SCIM is a protocol that an IdP can use to synchronize user identity lifecyle processes (e.g. provisioning and deprovisioning access, populating user details) with the Service Provider, such as Stripe.