# Single Sign On (SSO)

{% hint style="info" %}
Single Sign On (SSO) is a **premium** feature, only available for Enterprise.

For up-to-date information on our plans and their associated features, see our pricing page.
{% endhint %}

Enterprise customers can request Single Sign On authentication.

This is useful if you have enterprise authentication requirements around using software with SSO.

To learn more about Single Sign On, contact the [Roboflow sales team](https://roboflow.com/sales) or your account representative.

## SSO Profile-Based Authorization Groups

Enterprise customers using SSO can configure **authorization group attributes** to automatically assign users to Roboflow authorization groups based on their identity provider (IdP) profile attributes, such as Active Directory (AD) group memberships.

When a user signs in via SSO, Roboflow reads the specified attributes from the SSO profile's `sign_in_attributes` and maps them to Roboflow authorization groups. This allows you to manage access control through your IdP rather than manually assigning groups in Roboflow.