Connect to an identity provider
Integrate with an external identity provider (IdP) for single sign-on (SSO), centralized user management, and secure authentication.
About IdP integration
Connecting Camunda 8 to an external IdP allows you to:
- Use enterprise authentication (for example, Microsoft EntraID, Okta, Keycloak, Auth0).
- Centrally manage users in your IdP.
- Enable SSO for Camunda components.
- Enforce organization-wide security policies.
Self-Managed
Self-Managed deployments only support external IdP integration using OpenID Connect (OIDC) (for example, Keycloak, Auth0, Okta, EntraID via OIDC).
You can integrate an IdP with both the Identity (for the Orchestration Cluster) and Management Identity (for Web Modeler, Console, and Optimize).
- Connect Orchestration Cluster Identity to an identity provider
- Connect Management Identity to an identity provider
SaaS
Camunda 8 SaaS currently only supports external IdP integration using SAML or Azure Active Directory (EntraID).