# Setting up SSO

Drivetrain uses the Okta platform for supporting authentication to the application. This guide covers setting up Single Sign On (SSO) for logging into the Drivetrain application.

We support all major SSO providers including Azure, Okta, Google, OneLogin, JumpCloud and AWS.

Please follow the steps below to configure SSO for Drivetrain.

{% stepper %}
{% step %}

### Create a SAML Application <a href="#create-a-saml-application" id="create-a-saml-application"></a>

In your SSO Provider’s console, create a SAML Application with following settings:

**Application name**: Drivetrain

**SSO URL or IDP URL:** <https://id.drivetrain.ai/drive/saml/config/default/\\><yourDrivetrainSubdomain>

The *yourDrivetrainSubdomain* above is the subdomain of the URL you use to login to Drivetrain.&#x20;

For example, for "**journey**.drivetrain.ai", subdomain is "**journey**" and the SSO URL is: <https://id.drivetrain.ai/drive/saml/config/default/journey>

**Audience URI**: <https://app.drivetrain.ai>

**Name ID format**: EmailAddress

Finish creating the application.
{% endstep %}

{% step %}

### Share application metadata <a href="#share-application-metadata" id="share-application-metadata"></a>

Once your application is created, please share:

* **Metadata** file of the new application
* **The embed URL** of the application with your Drivetrain customer success manager. This is the URL that will be shown when a user will go to yourDrivetrainsubdomain.drivetrain.ai and click on the “Sign in with SSO” button:

![](https://docs.drivetrain.ai/~gitbook/image?url=https%3A%2F%2F1383008947-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252FmByiugojsjqsjrYS7HGI%252Fuploads%252Fh15jucQ0oQGTbFcbpWXa%252FDrivetrain%2520sign%2520in%2520with%2520SSO%2520button.png%3Falt%3Dmedia%26token%3D2d07d7a5-d0be-4cf2-810c-046ae9ca4854\&width=768\&dpr=4\&quality=100\&sign=2331273a\&sv=2)3
{% endstep %}

{% step %}

### Assign users in your SSO Provider <a href="#assign-users-in-your-sso-provider" id="assign-users-in-your-sso-provider"></a>

In your SSO provider, assign the 'Drivetrain application' you created above to your users who will be using the application.
{% endstep %}

{% step %}

### Configure roles in Drivetrain <a href="#configure-roles-in-drivetrain" id="configure-roles-in-drivetrain"></a>

These users will additionally need to be added on the Drivetrain app with the appropriate [Role Based Access Control](https://docs.drivetrain.ai/user-administration-and-access/access-control-and-permissions) configuration in place to be able to access reports, models and metrics.

If you’re an admin on Drivetrain, you will be able to configure roles by heading over to **Settings > Users** (to add or remove users) and **Settings > Roles** (to manage user permissions).
{% endstep %}
{% endstepper %}

{% hint style="info" %}
For any additional queries, please reach out to your Drivetrain Customer Success Manager, or email us at <support@drivetrain.ai>
{% endhint %}