Plus plan subscribers can opt to enable SAML for their workspace.
Getting Started
We currently support most identity providers (Okta, OneLogin, LastPass, Auth0, Bitum, etc.) outside of Azure (Microsoft).* If you don't use SAML, the Plus plan also lets you remove the "login via email" authentication option so that users in your workspace must login with Google SSO.
Step 1: Upgrade to the Plus plan
Upgrade on the Plans page. If you're moving from an existing plan to the Plus plan, your current subscription will be canceled and a credit will be applied to the new Plus plan subscription.
You will receive an email with the instructions on how to set up SAML after subscribing. If you haven't received it within 24 hours, please reach out.
Step 2: Configure Linear in your identity provider
You'll update your
Entity ID / Audience URL, Issuer ID, and Single Sign-On URL. We'll share specific, unique links to use in the email. Step 3: Send us the following account information
Only after you've added Linear to your identity provider, please share the following information with us:
- Endpoint
- Signing algorithm
- Signing certificate
We'll set the following defaults when configuring your account. Please let us know if we should update them to something else.
- Allowed domains:
your email address domain
- Binding:
post[other option: redirect]
- Signing Algo:
sha256[other options: sha1, sha512]
Step 3: Coordinate a time to enable and test your SAML integration
We'll reach out once we've configured SAML so that we can coordinate a time when we'll enable the integration and give you a chance to test it to ensure it's configured correctly. You'll test it on your own and with another user who is not an admin.
How it works
Once SAML is enabled, all users in your workspace will be required to login via SAML. They can login via your identity provider's website or by clicking the option to Sign in with SAML/SSO on the Linear login page. They will not be able to load Linear if they try to login with Google or email.
