Sorry, the InVision Help Center does not support Internet Explorer. Please download Microsoft Edge or another modern browser.

[[ description || "Loading status..." ]]
Contact Us
  1. InVision Support
  2. Getting Started
  3. Cloud V7 Enterprise
  4. SSO and SCIM Provisioning
Search

[[ category ]]

[[ slotProps.item.section.title ]]

No results found for the query [[ query ]]

Community
[[ slotProps.item.topic.name ]]

No results found for the query [[ query ]]

View all results

Getting Started

Important links

Related articles

InVision Cloud V7: SSO Settings

This article provides answers for InVision Cloud V7 only. If you're using V6 of InVision, read this article instead. Not sure which version you're using? Find out now.

After you have configured settings in your identity provider (IdP), you will need to configure SSO settings in InVision Cloud V7.

SSO in Cloud V7 is only available for Enterprise plans. To set up SSO, you must be an owner or admin on the Enterprise account.

Accessing SSO settings

To access your SSO settings:

  1. Sign in to your InVision Cloud V7 Enterprise account.
  2. At the top of the page, click Team.
  3. Click Settings tab, and then click Single sign-on.
  4. Toggle on Require SSO for every member of [your enterprise team].
    invision-cloud-v7-enterprise-require-sso.gif
  5. Complete the form, using the appropriate information from your IdP's metadata file.
  6. Click Update.

Fine-tuning your sign-in experience

Within the SSO settings, there are two options that let you customize the sign-in experience:

  • Allow users to sign in without SAML
  • Allow Just-in-Time provisioning

Allow users to sign in without SAML

If this setting is toggled on (invision-cloud-v7-team-setting-toggle-on.png), members of your team can choose to sign in via your IdP or by using their InVision email and password.

Enabling this setting can also save time and hassle, as it allows users outside of your company—people who don’t have SSO accounts with your company—to access your InVision team.

Allow Just-in-Time provisioning

If Just-in-Time provisioning is toggled on (invision-cloud-v7-team-setting-toggle-on.png), here's what to expect:

  • Anyone who you have previously authorized—via your IdP app—can automatically join your InVision Enterprise team when signing in via SSO for the first time.
  • You'll choose which default role will be assigned to people who join the team via Just-in-Time provisioning:
    • Guest: People with the external guest role can only access documents and spaces they are invited to.
    • Member: People with the team member role can preview and join all open documents and spaces.

If Just-in-Time provisioning is toggled off (invision-cloud-v7-team-setting-toggle-off.png), you'll add a custom message to let prospective new members know how to request access and join your team:

invision-cloud-v7-sso-settings-request-access-message.gif

Configuring your IdP for use with InVision

For information on setting up SSO with a specific IdP, check out one of these articles:

Related articles

Learn something new

Getting Started Guides

Get the details you need for smooth sailing with InVision Cloud.

Learn Basics

Explore the world’s most powerful screen design tool.

Learn Studio

Learn how to best build your design system in DSM.

Learn DSM

Hit the ground running with InVision Cloud V7—available in limited capacity through our Early Access program.

Learn Cloud V7

Get familiar with basics and best practices for InVision Enterprise.

Learn Enterprise