Configure Single Sign-On on CoreWeave Cloud
Single Sign-On, commonly referred to as SSO, is an authentication scheme that allows the users in an organization to authenticate to CoreWeave Cloud from the same identity provider (IDP) used to log in to other organization-wide apps. Single Sign-On enhances security, and makes for a smoother log-in experience for your team.
CoreWeave organization admins can configure SSO from the admin dashboard on the Cloud UI.
Currently, the following IDPs are supported:
A single organization may have multiple SSO configurations, which is convenient in situations where multiple IDPs are used for different sets of users or teams.
Only CoreWeave organization admins may configure SSO. Additionally, organization admins will not be able to log in using SSO; this is to ensure that admins do not get locked out of CoreWeave Cloud in the event that an SSO configuration encounters an issue.
To add or edit SSO configurations, first log in to your CoreWeave Cloud account, then navigate to the Organization Management page. Below the Users section, find the SSO Configurations section.
The SSO Configurations area on the CoreWeave Cloud UI
To add a new configuration, click the Add Configuration button. To edit an existing configuration, select the pencil icon under the Actions column to the right of the configuration name.
The SAML SSO Setup modal
Adding or editing a configuration is done through the SAML SSO Setup modal. All SSO configurations are similar across IDPs, so most require the same information and the same process:
The IDP selector menu
From the Your IDP drop-down menu, select your IDP.
The CoreWeave-specific configuration values in the SSO module
The Assertion Consumer Service (ACS) URL and the service provider (SP) entity ID are provided in the following two fields. These values are required to complete your IDP's configuration.
IDP-provided fields, and the Display Name, in the SSO module
The fields Entity ID provided by the IDP, Single Sign-On URL, and X.509 Certificate provided by IDP are provided by your IDP. See the guide for JumpCloud, Okta, or the generic IDP setup instructions for further details.
See the IDP-specific configuration documentation for more information on these fields.
Finally, provide a name for the SSO configuration in the Display Name field that will make the configuration easy to identify.
Check the "Configuration Active" box to turn on the SSO configuration
Finally, once the other fields are complete, ensure the Configuration Active checkbox is checked before clicking the Save button. Checking this box, then clicking Save, will turn the SSO configuration on.