Overleaf docs
Plans and pricingTemplatesUser docsGo to Overleaf
Groups
Groups
  • Welcome
  • Getting started
    • How to create a group
    • Accessing your admin settings
  • User management
    • How to add and remove users
    • Roles and permissions
    • Managed Users
  • Overleaf Group single sign-on
    • Setting up Group SSO
      • Plan for success
      • Step 1: Add Overleaf to your Identity Provider
      • Step 2: Configure your SSO settings with IdP metadata
      • Step 3: Verify the connection between your IdP and Overleaf
        • Group SSO test troubleshooting
      • Step 4: Enable SSO for your team
    • Linking users to Group SSO
    • Maintaining Group SSO
    • Group SSO FAQs
  • Subscription management
    • Renewing a subscription
    • Switching plans
    • Updating billing information
    • Accessing invoices and receipts
  • Troubleshooting and support
    • FAQs
    • Overleaf user docs
    • Contact support
Powered by GitBook
LogoLogo

Discover Overleaf

  • Home
  • Features

Solutions

  • Plans and pricing
  • For universities
  • For business
  • For government

Resources

  • Templates
  • User docs and LaTeX learning
  • Blog

© Overleaf

On this page

Was this helpful?

Export as PDF
  1. Overleaf Group single sign-on

Group SSO FAQs

Find answers to common questions about Overleaf Group SSO.

What kind of SSO do you support?

Overleaf offers a standard SAML-based SSO integration.

How do I set it up?

If you’re the administrator of an Overleaf Group Professional subscription, group SSO is one of the optional features you can turn on for your group. To set up group SSO your users must be set up in an Identity Provider (IdP) that supports SAML 2.0, and you must be able to add Overleaf as a Service Provider in your IdP. See the Setting up Group SSO guide for the steps to follow.

Do you support Just in Time (JIT) Provisioning of user accounts?

Yes. Overleaf accounts are provisioned by users who receive email invitations to join their account to the group and link to their SSO identity.

Do you support SCIM?

Individual users provision their own Overleaf accounts, System for Cross-domain Identity Management (SCIM), is a standard for automation of user provisioning. Because your system will not be provisioning users in Overleaf, SCIM isn’t supported or required.

Does a user need to be created in our IdP before they create an Overleaf account?

If your subscription has SSO enabled, it’s best to have users created in your IdP before they’re invited to join the subscription. This allows users to create their Overleaf accounts, link to their SSO identity, and join your subscription in one step. However, this is not required, as your team members can link their Overleaf account to their SSO identity at any time.

If I delete a user in my identity system, will their Overleaf account be deleted?

No. Deleting a user in your IdP will not delete their account in Overleaf. Overleaf accounts are deleted in Overleaf by the account owner. This is either the user themselves or the manager of the account (when Managed Users is enabled).

Can SSO be made an exclusive login option?

Yes. If your group uses our Managed Users feature, the managed user accounts will be set to use SSO exclusively. See Linking users to Group SSO. Users will have to create a temporary Overleaf-specific password during the account creation and SSO linking process. For each user, SSO will become exclusive once they have linked their SSO identity to their Overleaf account and accepted the invitation to have their account managed. Administrators can check on the management and SSO status of each account on their group administration page.

I'm seeing an error when I try to log in—what do I do?
PreviousMaintaining Group SSONextRenewing a subscription

Last updated 4 months ago

Was this helpful?

Please see for troubleshooting suggestions. If you’re still having problems, please notify your group administrator and if the issue cannot be resolved by them.

Logging in with group single sign-on
contact us