HomeDocsAPI Reference
Kumo.ai
Docs
Kumo.ai

SSO Configuration Guide

Setting up advanced session and user authentication mechanisms

Suggest Edits

Kumo partners with Auth0 to support a variety of secure single-sign-on mechanisms, in order to simplify user management for your team. The two easiest integrations are:

  1. Google Workplace Single Sign On
  2. OIDC - OpenID Connect - supporting many other services including Okta and Azure Active Directory

In order to enable Google Workplace Single Sign On for your environment -- no work is needed on your end. Simply notify your Kumo counterpart, and it can be enabled within hours.

The remainder of this document describes the process to set up OIDC. For the purpose of illustration, Okta is used as the OIDC provider, but these instructions should work with any other OIDC-compliant auth provider.

Okta Configuration

  1. Go to your Applications and create a new Application with the following settings:
  • Sign-in method: OIDC - OpenID Connect
  • Application type: Single-Page Application
  1. Under General Settings, make sure to select Grant types of Authorization Code and Implicit (Hybrid)
  1. Next, add the following sign-in and sign-out URLs
  • Sign In: https://auth.kumoai.cloud/login/callback
  • Sign Out: https://auth.kumoai.cloud/logout

NOTE: Please use auth.kumoai.cloud instead of kumoai.us.auth0.com as shown in the image above

  1. Select your preferred Assignment policy

  1. Click Save to create the App!

  2. Copy the Client ID and your Okta base URL

  • Example Client ID: 0oa654ok0jBdIJrpT5d7
  • Example Okta URL: dev-22499602.okta.com
  1. Send your Client ID and Okta Base URL to the Kumo team

You will receive a notification from Kumo when your SSO onboarding is complete.

Updated 3 months ago