---
title: SSO and SCIM | Stainless
description: Set up single sign-on (SSO) and System for Cross-domain Identity Management (SCIM) for your Stainless organization.
---

SSO and SCIM are paid features. See our [pricing page](https://stainless.com/pricing) for details.

## SSO

We offer SSO as an option for our enterprise customers.

Enabling SSO is currently a manual process. If you’re an enterprise customer and want SSO enabled, [contact support](mailto:support@stainless.com) and let us know.

When SSO is enabled, you’ll be given a link that allows your IT or IdP team to configure an authentication provider. Once your provider is set up, new users will automatically be added to your Stainless organization with the Editor role (which can be changed by anyone with the Admin role).

SSO also works in the CLI, and the authentication process starts the same way: run `stl auth login`.

When using SSO, your users might have two Stainless accounts with the same email address if they sign in with GitHub first and then use SSO with the same email.

However, the opposite flow is blocked: users who try to sign in from GitHub with your enterprise’s domain will be asked to sign in with SSO instead.

SSO is handled by [WorkOS](https://workos.com), our enterprise identity infrastructure provider. For technical details, have a look at their [SAML integration](https://workos.com/docs/integrations/saml) and [SAML security](https://workos.com/docs/sso/saml-security) documentation.

For more information, [contact sales](mailto:sales@stainless.com).

## SCIM

Our SCIM support is currently in development. If you want to use SCIM with Stainless, [let us know](mailto:sales@stainless.com).