Security & Access Control

Manage IP restrictions, Single Sign-On (SSO), and team permissions. Access these from Settings → Security tab (admin only).

IP Whitelist

Restrict workspace access to specific IP addresses.

Adding an IP Address

1. Click Add IP Address
2. Enter the IP address (e.g., 192.168.1.1 or 10.0.0.0/8 for CIDR ranges)
3. Add an optional description (e.g., "Office network", "VPN server")
4. Click Add to Whitelist

Supported Formats

• IPv4: 192.168.1.1
• IPv6: 2001:0db8:85a3::8a2e:0370:7334
• CIDR notation: 192.168.1.0/24

Managing IPs

Warning

When IPs are active, you'll see: "Only X whitelisted IP(s) can access this workspace. Make sure your current IP is included to avoid being locked out."

Plan required: Professional or higher

Single Sign-On (SSO)

Configure SAML-based SSO for enterprise authentication.

SSO Status

• Toggle SSO on/off with the switch
• Badge shows "Enabled" or "Disabled"

Domain Configuration

Set the SSO domain:

• Field: SSO Domain
• Example: company.com
• Effect: Users with @company.com emails are directed to SSO login

Identity Provider Configuration

Enter your IdP details:

Click Save Configuration when done.

Enforce SSO

When SSO is enabled, you can enforce it:

• Toggle Enforce SSO on
• Users must sign in through your identity provider
• Email/password login is blocked for users with SSO domain emails

Warning: "Enabling SSO enforcement will require all users to sign in via SSO. Users currently logged in with password will be logged out on their next visit."

Service Provider Details Tab

Provides URLs to configure in your IdP:

Supported Identity Providers

• Okta
• Azure AD
• Google Workspace
• OneLogin
• Auth0
• JumpCloud

Plan required: Enterprise

Team Permissions

View and manage role-based permissions in the Security tab.

Available Roles

See the Permissions section for a detailed feature-by-feature breakdown.