How to Configure SSO for your Organization

SSO is only available on the Enterprise Plan. To learn more about this, please contact us from our Pricing Page.

Note: In order to configure SSO for your organization, you must have an Identity Provider (IdP) set up. This could be one of many existing providers (Okta, OneLogin, Auth0, Google G-Suite, ActiveDirectory, etc.) Please reach out to your IT team for assistance.

SSO for your Organization

If your organization requires additional security when using Framer, it is possible to enforce Single Sign-on (SSO). SSO is a way for companies to centralize providing access to services and products without having employees sign-up separately to each one of them.

Once SSO is enabled, users that input an email that match the company domain(s) will be prompted to log in with the same single sign-on credentials as they would for other services that use SSO.

Once SSO is enabled, it becomes the default authentication method. If you have some users who need access to your Framer team account, you will need to associate their email address to your identity provider (IdP). We also support Just In Time (JIT) provisioning.

We support two different SSO protocols:

  • SAML 2.0
  • OpenID Connect (OAuth 2.0)

Below is an overview of the protocols we support, as well as the steps to configure SSO for your organization.

SAML

In SAML terminology, Framer is a Service Provider (SP) and will need to communicate with your SAML Identity Provider (IdP) in order to sign in and receive the user’s information.

Configuring SAML for Framer

  1. Contact your Account Manager and let them know you’d like to set up SAML SSO

    Note: Please let us know if there is more than 1 domain that will need access to SSO (e.g. @framer.com & @design.framer.com)

  2. Your Account Manager will send you a SAML redirect URL

  3. Let your Account Manager know your IdP of choice so we can help you with the configuration steps

If you encounter any issues or if you have any questions, please do not hesitate to reach out to our Support Team.

OpenID Connect (OAuth 2.0)

OpenID Connect (OIDC) is an authentication protocol based on OAuth 2.0. If you would like SSO with OAuth, you might mean OIDC, which is often used on top or side-by-side with OAuth 2.0. In case you have doubts, please confirm that OpenID Connect is what you want.

Configuring OIDC for Framer

Below are the steps to configure OIDC SSO for your organization:

  1. Contact your Account Manager and let them know you’d like to set up SSO via OIDC

    Note: Please let us know if there is more than 1 domain that will need access to SSO (e.g. @framer.com & @design.framer.com)

  2. Your Account Manager will then send you a OIDC redirect URL

  3. Let your Account Manager know your IdP of choice so we can help you with the configuration steps

If you encounter any issues or if you have any questions, please do not hesitate to reach out to our Support Team.