Skip to main content

Configure SSO Login on self-hosted Lightdash instances

These variables enable you to control Single Sign On (SSO) functionality.

VariableDescriptionRequired?Default
AUTH_DISABLE_PASSWORD_AUTHENTICATIONIf "true" disables signing in with plain passwordsfalse
AUTH_GOOGLE_OAUTH2_CLIENT_IDRequired for Google SSO
AUTH_GOOGLE_OAUTH2_CLIENT_SECRETRequired for Google SSO
AUTH_OKTA_OAUTH_CLIENT_IDRequired for Okta SSO
AUTH_OKTA_OAUTH_CLIENT_SECRETRequired for Okta SSO
AUTH_OKTA_OAUTH_ISSUERRequired for Okta SSO
AUTH_OKTA_DOMAINRequired for Okta SSO
AUTH_OKTA_AUTHORIZATION_SERVER_IDOptional for Okta SSO with a custom authorization server
AUTH_ONE_LOGIN_OAUTH_CLIENT_IDRequired for One Login SSO
AUTH_ONE_LOGIN_OAUTH_CLIENT_SECRETRequired for One Login SSO
AUTH_ONE_LOGIN_OAUTH_ISSUERRequired for One Login SSO