PRODUCT GUIDESAdministrationWorkspaces

Single Sign-On (SSO)

An overview on how to set up SSO for your Workspace.

SSO

Overview

SSO is currently only available for Enterprise customers, and only Workspace admins can use this feature. To upgrade, get in touch with our sales team.

Single Sign-On (SSO) allows your team to log in to ElevenLabs by using your existing identity provider. This allows your team to use the same credentials they use for other services to log in to ElevenLabs.

Guide

1

Access your SSO settings

Click on your profile icon located at the bottom left of the dashboard, select Workspace settings, and then navigate to the Security & SSO tab.

2

Choose identity providers

You can choose from a variety of pre-configured identity providers, including Google, Apple, GitHub, etc. Custom organization SSO providers will only appear in this list after they have been configured, as shown in the “SSO Provider” section.

3

Verify your email domain

Next, you need to verify your email domain for authentication. This lets ElevenLabs know that you own the domain you are configuring for SSO. This is a security measure to prevent unauthorized access to your Workspace.

Click the Verify domain button and enter the domain name you want to verify. After completing this step, click on the domain pending verification. You will be prompted to add a DNS TXT record to your domain’s DNS settings. Once the DNS record has been added, click on the Verify button.

4

Configure SSO

If you want to configure your own SSO provider, select the SSO provider dropdown to select between OIDC (OpenID Connect) and SAML (Security Assertion Markup Language). Note that only Service Provider (SP) initiated SSO is supported for SAML.

Once you’ve filled out the required fields, click the Update SSO button to save your changes.

Configuring a new SSO provider will log out all Workspace members currently logged in with SSO.

FAQ

What shall I fill for Identifier (Entity ID)?

  • Use Service Provider Entity Id

What shall I fill for Reply URL (Assertion Consumer Service) URL in SAML?

  • Use Redirect URL

What is ACS URL?

  • Same as Assertion Consumer Service URL

Which fields should I use to provide ElevenLabs?

  • Use Microsoft Entra Identifier for IdP Entity ID
  • Use Login URL for IdP Sign-In URL

What shall I fill for Audience Restriction?

  • Use Service Provider Entity Id

What shall I fill for Single Sign-On URL/Recipient URL/Destination URL?

  • Use Redirect URL

Which fields should I use to provide ElevenLabs?

  • Use Issuer for IdP Entity ID
  • Use Single Sign-On URL for IdP Sign-In URL
  • Please fill Recipient field with the value of Redirect URL.
  • One known error: Inside the <saml:Subject> field of the SAML response, make sure <saml:NameID> is set to the email address of the user.