# Security & Auth

StepSecurity supports **Single Sign-On (SSO)** to help organizations manage user access in a secure and centralized way.

You can enable SSO using popular identity providers like **Okta**, **Google Workspace**, or **Microsoft Entra ID**. To set this up for your organization, please [**contact us**](https://www.stepsecurity.io/contact)**,** and we’ll help you get started.

Once SSO is enabled, you can enforce it across your organization to ensure that all members sign in using your configured identity provider. 

StepSecurity also offers SCIM-like functionality, allowing administrators to map StepSecurity authentication roles to SSO groups for streamlined user provisioning and role management.

In addition to SSO, members can also sign in using their **email and password** or **GitHub account**, depending on your chosen configuration.

From this page, you can:

* Configure SSO settings — Set up and manage Single Sign-On (SSO) for your organization.
* Enforce SSO for all members — Require all users to sign in using SSO to enhance security and ensure centralized access control.
* Select allowed login methods — Choose which authentication options are available (SSO, GitHub, or email/password).
* Disable API Key Authentication — Toggle API key access. The default setting is false (API key authentication enabled).
* Set idle session timeout — Specify the duration (in minutes) of allowed inactivity before users are automatically logged out.

<figure><img src="https://754495266-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FQJRZY4cfEeY3I7DXTOCp%2Fuploads%2FGAO72UvWXGJxHtDt4jom%2FScreenshot%202025-11-12%20at%2014.11.37.png?alt=media&#x26;token=6b89d253-20aa-4dcc-9ad5-d1c7ff6ced7f" alt=""><figcaption></figcaption></figure>