SSO is available for Scale and Enterprise accounts. Contact sales to upgrade.
Supported Providers
Together supports SSO via SAML and OIDC protocols with these Identity Providers:- Google Workspace
- Okta
- Microsoft Entra (Azure AD)
- JumpCloud
| Provider | Protocol | Setup Guide |
|---|---|---|
| Most IdPs | SAML | SAML setup guide |
| Most IdPs | OIDC | OIDC setup guide |
| Okta | SAML | Okta SAML setup guide |
| Okta | OIDC | Okta OIDC setup guide |
| Google Workspace | SAML | Google Workspace SAML setup guide |
| Microsoft Entra | SAML | Microsoft Entra SAML setup guide |
| Microsoft Entra | OIDC | Microsoft Entra OIDC setup guide |
What SSO Enables
- Automated provisioning. Members are added to your organization automatically when they authenticate through your IdP.
- Centralized offboarding. Deactivate a user in your IdP and their Together access is revoked.
- Shared resources. SSO members can collaborate on fine-tuned models, inference analytics, clusters, and billing within their projects.
- Audit trail. Individual authentication means you can track who did what.
Setting Up SSO
Contact support or your Account Executive with:- Your company’s legal name
- The email domain(s) to associate (e.g.,
@yourcompany.com) - Which Identity Provider you use
- The email address of the initial account owner
Migrating from Legacy Enterprise Sign-On
If your team currently uses a shared username/password enterprise account, we recommend migrating to SSO. Shared credential accounts will be deprecated in the coming months. Benefits of migrating:- Individual accountability (each person has their own login)
- Automated onboarding/offboarding through your IdP
- Stronger security (no shared passwords)
- Access to role-based permissions and multi-project support
Session Management
Together manages its own session timeouts independently from your IdP’s default settings. Session duration and re-authentication requirements are configured on the Together side.FAQs
Can I use SSO and email invitations together?
Can I use SSO and email invitations together?
No. Organizations use either SSO or invitation-based membership, not both. If SSO is enabled, all members authenticate through your IdP.
What happens to existing members when I enable SSO?
What happens to existing members when I enable SSO?
Existing members will need to re-authenticate through your IdP on their next login. Their resources and project membership are preserved.
Can I configure SSO myself?
Can I configure SSO myself?
Not yet. Self-service SSO configuration is on our roadmap. For now, our team handles setup.
What’s Coming
- Spend controls per member or project
- Self-service SSO configuration
- SCIM provisioning for automated group and role sync
Related
Together's IAM Model
How users, credentials, and resources fit together
Organizations
Manage your org and membership
Roles & Permissions
What Admins and Members can do