Single-Sign-On overview

Last updated: April 7, 2026

Single Sign-On (SSO) allows users to access multiple applications with one set of login credentials. Enabling SSO on ComplyAdvantage Mesh streamlines the login process for your teams, enhancing security and reducing the need to manage multiple passwords.

 

Supported protocols and identity providers

ComplyAdvantage Mesh supports the following SSO protocols:

  • SAML 2.0

  • OIDC (OpenID Connect)

We recommend OIDC, as it is a more modern protocol with a simpler setup.

The most common identity providers include:

  • Okta

  • Azure Active Directory (AD)

  • Google Workspace

  • Auth0

  • OneLogin

Unsupported capabilities

The following capabilities are currently not supported:

  • System for Cross-domain Identity Management (SCIM)

  • Identity Provider Initiated (IdP-initiated) SSO

Permissions

Permissions are managed directly within the ComplyAdvantage Mesh platform and are not dictated by user profiles from the client's identity provider.


Using SSO and other login methods

You have the flexibility to choose how users log in:

  • Make SSO the only login method.

  • Allow users to log in with either SSO or their username and password.

  • Continue with the traditional username and password login.


Setting up SSO

To set up Single Sign-On for your organization, please reach out to our support team.

For an OIDC configuration, follow these steps:

  1. Add the following URL to the list of authorized redirect URIs & callbacks:
    http://ca-platform-prod.eu.auth0.com/login/callback

  2. Provide the following details to our support team:

    • clientId

    • clientSecret

    • issuer URL

For a SAML configuration, please reach out to our support team in the first instance.