docs(single-sign-on): add SSO activation verification step#1506
Open
george-dilthey wants to merge 1 commit into
Open
docs(single-sign-on): add SSO activation verification step#1506george-dilthey wants to merge 1 commit into
george-dilthey wants to merge 1 commit into
Conversation
Contributor
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What changed
Added a "Confirming SSO enforcement is active" verification paragraph to the "What happens when SSO is enabled" section of
docs/single-sign-on.md. The new paragraph tells admins how to verify that Clay support has activated SSO for their workspace: open a private/incognito browser, enter a company email, click Continue — if SSO is active they'll be redirected to their IdP.Why
An Enterprise customer (Komodo Health) with SSO already set up asked: "We have SSO set up but how can I confirm that SSO is required in our Clay set up?" (Intercom conversation
215475012286586). Fin did not handle this — a human support rep answered. The existing SSO doc describes what happens when SSO is enabled (domain-based browser redirect) and describes the sign-in flow, but does not include an explicit verification step an admin can use to confirm SSO activation is complete. This was the specific gap that prevented Fin from answering directly.The same conversation also asked about SCIM availability — that's already covered in the "User provisioning" section ("Clay does not currently support SCIM provisioning"), so no change needed there.
Source link(s)
clay-base/apps/api/v3/auth/services/auth.service.tsandclay-base/apps/frontend/src/routes/LoginPage.tsx:270–286confirm domain-based frontend redirect to SSO when user enters their email and continues. Liveness confirmed (no feature flag).Uncertainties
None. The added verification step describes the browser-level SSO redirect behavior, which is verified against code. The doc already correctly documents (in the existing bullet points and MFA section) that password-based login is not blocked at the backend — the new paragraph is consistent with that nuance and does not contradict it.
Related observations
Closes DOC-1087