Authentication Methods (SSO, Magic Link) β
KeyRunner supports two secure methods of authentication tailored to enterprise use cases: SSO (Single Sign-On) and Magic Link login.
π SSO (Single Sign-On) β
SSO is available for enterprise customers who want centralized authentication using their existing Identity Provider (IdP).
- KeyRunner acts as a Service Provider (SP)
- Customer's IdP acts as the Identity Provider (IdP)
- Supports SAML and OIDC protocols
- Enables seamless login, centralized user management, and audit compliance
- Role-based access can be mapped directly from IdP attributes
β Compatible with providers like Okta, Azure AD, Auth0, Google Workspace (OIDC), and more.
βοΈ Magic Link Authentication β
Magic Link is an alternative to SSO for customers who are piloting the enterprise version without full IdP integration.
- Passwordless login via secure, time-limited email links
- Ideal for evaluations, POCs, and temporary workspace access
- Scoped to user, workspace, and role
β οΈ Not intended for long-term or production-grade access. We recommend migrating to SSO for scale and security.
π« What We Don't Support β
To maintain security standards:
- β No social login (e.g., Google, GitHub, Facebook)
- β No username/password login for enterprise accounts
This ensures compliance with zero-trust principles, avoids shared credentials, and maintains a clean audit trail for every session.
Need help configuring SSO for your org or rolling out Magic Link access for pilots? Reach out to us β weβre happy to guide your team through setup.