For: admin · owner
Enable SSO for your tenant
Tenant-admin flow: pick SAML or OIDC, paste metadata from your IdP, test, enforce.
1. Open /settings/sso and pick SAML 2.0 or OIDC. The page shows the QEHS-side metadata you need to paste into your IdP.
2. Register the app in your IdP (Okta, Entra ID, Google, JumpCloud, OneLogin, Ping…) and paste the IdP metadata (SAML cert + Entity ID, or OIDC discovery URL) back into QEHS.
3. Map attribute claims — email (required), first name, last name, groups.
4. Test with a single user. When green, toggle "Enforce SSO" to require it for all members.
See Developer portal → IdP guides for per-IdP screenshots.