Authentication & SSO

Subsalt can integrate with many SSO identity providers and can also self-manage accounts via an internally-hosted Keycloak instance. Organizations are limited to either SSO via an identity provider or Subsalt-managed accounts; if you need to support both then you can create multiple organizations to manage more complex user configurations.

Read more about User management for Subsalt-managed accounts.

Authenticating to query endpoint

All users must use a Subsalt-managed password for connecting to the query endpoint; users can update their passwords themselves in the Profile > Access credentials section of the portal.

Administrators can also reset passwords for other users in the Organization > Accounts section of the portal. Read more about this functionality in the User management section.

Subsalt requires that users in SSO-based organizations create a dedicated password for Running queries; this security precaution ensures that the Subsalt system is never exposed to sensitive credentials that it's not responsible for managing.

PreviousProjects NextAccess control and sharing

Last updated 6 days ago