Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.clarion.cantina.xyz/llms.txt

Use this file to discover all available pages before exploring further.

Single Sign-On (SSO) lets your team log into Clarion with their existing identity provider. Clarion currently supports Microsoft Entra ID (formerly Azure AD).

What SSO gives you

  • Centralized authentication: Members log in through your IdP. No separate Clarion password.
  • Lifecycle parity: When a member leaves your organization in your IdP, their Clarion access goes with it.
  • MFA inheritance: Whatever MFA policy you enforce in your IdP applies to Clarion.

Setup overview

  1. Add Clarion as an enterprise app in Microsoft Entra ID.
  2. Assign the users or groups who should have access.
  3. Provide the tenant ID and any required claim mappings to Clarion through the SSO settings page.
  4. Test sign-in with a non-admin account before enforcing SSO workspace-wide.
See Microsoft Entra ID for the full step-by-step setup.
Once SSO is enforced, members can only sign in through your IdP. Make sure at least one workspace admin has a verified IdP account before enabling enforcement.