Please add corporate SSO for team accounts (e.g. Okta, Entra/Azure AD, Google etc.)

Sean

This would make it much easier to onboard users. Ideally, we would be able to allow anyone with a corporate email address to log into Kagi (ideally without inviting them specifically) via SSO that the company would set up via a provider like Okta, Entra, Google, etc. Then the user would automatically be added to the team plan.

Currently, you do provide OAuth login via Google, Microsoft, GitHub, and Apple to individual user accounts, but this is actually not functional for team accounts; if a user clicks the link in the invite email, it brings them to a screen where the only option is to set up a password. And if users just try to log in via Google or something using the same email address that the invitation was sent to, they do NOT get added to the team (they get a trial account). At least adding OAuth login for team accounts would be an improvement.

But even better would be full corporate SSO via SAML/OIDC and SCIM for full account management.

Full corporate SSO via SAML/OIDC and SCIM would provide automatic user invites and license additions for new employees, automatic account deprovisioning when employees leave, being able to specify which group(s) of users should get Kagi access (and of which license type), etc.

This would also give the benefit of force-enabling 2FA on user accounts, since we can force 2FA at the provider level.

prsteele

This feature would allow users to log into Kagi via single sign-on providers. This allows organizations to manage users' access to Kagi just like they manage access to other SaaS products. There would be no impact on existing workflows or user experience.

After navigating to Kagi.com as an unauthenticated user, they would be allowed to sign in via an SSO integration instead of providing a username and password.

Vlad

prsteele Yes, we plan to offer this as a part of Kagi for Business, we should launch later this year.