Teams & Workspaces

SSO Configuration

riogentix supports Single Sign-On (SSO) via SAML 2.0 and OIDC (OpenID Connect). Connect your existing identity provider so users log in with their corporate credentials.

Supported Identity Providers

Setting Up OIDC SSO (e.g., Okta)

Step 1 — Create an App in Okta

  1. Log in to Okta Admin console
  2. Applications → Create App Integration → OIDC → Web Application
  3. Set Sign-in redirect URI:
https://<your-tenant>.riogentix.com/auth/callback/okta
  1. Copy Client ID and Client Secret

Step 2 — Configure in riogentix

  1. Go to Settings → Identity Providers → + Add → OpenID Connect
  2. Fill in:

- Provider ID: okta - Display Name: Login with Okta - Discovery URL: https://<your-okta-domain>/.well-known/openid-configuration - Client ID and Client Secret from Step 1

  1. Click Save

Step 3 — Attribute Mapping

Map Okta attributes to riogentix user properties:

Okta Attributeriogentix Field
emailEmail
given_nameFirst Name
family_nameLast Name
groupsGroups

Setting Up SAML SSO

  1. Settings → Identity Providers → + Add → SAML 2.0
  2. Download the Service Provider Metadata XML
  3. Upload it to your IdP
  4. Paste the IdP Metadata URL back into riogentix
  5. Map SAML attributes → user fields
  6. Test with a non-admin account first

Enforcing SSO

To require all users to use SSO (disable password login):

  1. Settings → Security → Authentication Policy
  2. Enable SSO Required
  3. Existing password-only accounts will be prompted to link their SSO identity on next login

Just-In-Time Provisioning

When a user SSOs for the first time, riogentix can auto-create their account: