Home / Launchpad / Documentation

Single Sign-On

Launchpad supports enterprise Single Sign-On (SSO) integration, allowing developers to authenticate using your organization's identity provider.

Availability

SSO is available on Growth tier and above. Contact sales for Enterprise SSO options.

Supported Protocols

SAML 2.0

Industry-standard protocol for enterprise SSO:

  • Service Provider (SP) initiated login
  • Identity Provider (IdP) initiated login
  • Signed assertions
  • Encrypted assertions (optional)

OpenID Connect

Modern OAuth 2.0 based protocol:

  • Authorization Code flow
  • PKCE support
  • ID token claims mapping
  • Refresh token support

Supported Identity Providers

Launchpad supports SSO with the following identity providers:

  • Auth0 — Modern identity platform with flexible login methods (see below)
  • Ping Identity (PingID) — Enterprise identity and API security

Auth0

Auth0 integrates with Launchpad via OpenID Connect (OIDC). You can enable one or more login methods in your Auth0 tenant and present them to developers through the Universal Login experience.

Auth0 Login Methods

Auth0 supports multiple ways for users to sign in. Configure these in the Auth0 Dashboard under Authentication → Social, Authentication → Database, and Authentication → Passwordless.

  • Database (Username/Password) — Built-in user store with email or username login, password policies, and account lockout.
  • Social / Federated — Sign in with Google, Apple, GitHub, Microsoft, Facebook, LinkedIn, and other social or OIDC/SAML providers.
  • Passwordless — Magic link (email) or one-time code via SMS or email for passwordless authentication.
  • Enterprise (SAML / OIDC) — Connect Auth0 to your existing IdP (e.g., Okta, Azure AD) so users sign in with corporate credentials through Auth0.
  • Multi-Factor Authentication (MFA) — Optional second factor (authenticator app, SMS, push) for any connection.
  • Custom / Legacy — Custom database scripts or AD/LDAP connectors for legacy systems.

In Launchpad, you configure Auth0 as a single OIDC provider; the choice of login method (social, password, passwordless, etc.) is handled entirely within Auth0’s Universal Login.

Ping Identity (PingID)

Ping Identity (PingFederate, PingOne) can be used with Launchpad via SAML 2.0 or OpenID Connect. Configure your Ping environment as the Identity Provider and use the SAML or OIDC setup steps in the sections below.

SAML Configuration

Setup Steps

  1. Navigate to Configuration → SSO Authentication
  2. Select Auth0 or PingID
  3. Configure SSO credential
  4. Enable SSO

Attribute Mapping

Map IdP attributes to Launchpad user properties:

Launchpad Field Common SAML Attribute Required
Email email, mail, NameID Yes
First Name firstName, givenName No
Last Name lastName, surname No

All User Sessions

Launchpad provides an All User Sessions settings page so you can track every active user session across your developer portal. Administrators can view all sessions and end any user session when needed—for example, to revoke access for a specific user or to force re-authentication after a security event.

To manage sessions, go to Settings → All User Sessions. From there you can see active sessions (user, device, location, and last activity) and use the option to end individual or bulk sessions.