Configure single sign-on exceptions

Single sign-on (SSO) lets people in your organization sign in without a lot of manual entry or configuration on your part. However, sometimes you need people to join your Abstract organization who you don't want to have access credentials on your identity provider (IdP), such as contractors, freelancers, and clients.

If you need someone to sign into your Abstract organization who isn't on your IdP — or if you want to add an admin in case of an SSO error — you can set an exception for that person. When someone on the manual exceptions list tries to log in to your organization, they're prompted to log in with the email and password associated with their Abstract account.

Warning: SSO exceptions bypass the login security protocols of your SSO provider. Be cautious when adding people to the list.

To add an SSO exception:

  1. Open the Abstract app (desktop or web).

  2. In the left side pane, click on the organization name.

  3. From the dropdown, select Organization Settings.

  4. Select the Permissions tab.

  5. Scroll down to the Configure SSO section.

  6. In Manual exceptions, enter the email address you want to let bypass SSO. If you want to add more than one address, separate them with a comma.

  7. Click Save changes.

When the person you added to the manual exceptions tries to log in, they're prompted to enter the email address and password associated with their Abstract account.