---
locale: "en"
updated_at: "2025-10-27T22:49:27.779Z"
canonical: "https://www.isdecisions.com/en/userlock/docs/guides/sso/configure-the-applications/slite"
---

# Configure Slite for UserLock Single Sign-On (SSO)

Enable SSO authentication for Slite workspace.

## Introduction

This guide explains how to integrate **Slite** with **UserLock Single Sign-On (SSO)** using the **OAuth 2.0** protocol.

Once configured, Slite logins are authenticated by **UserLock** against **Active Directory**, allowing administrators to enforce UserLock [access policies](/userlock/docs/reference/core-concepts/access-policies) (MFA, time, machine, or location restrictions) on SSO sessions.

🚩 **Before starting:**

- You must have an active **Slite organization account**.
- **UserLock SSO** must already be [installed and configured](/userlock/docs/guides/sso/install-configure-sso).

## Step 1. Enable Slite in UserLock SSO

1. In the **UserLock console**, go to ⚙ **Server settings ▸ Single Sign-On**.
2. In the list of applications, select **Slite**.
3. Fill in the fields with the following values:
  | Settings | Values |
  | --- | --- |
  | Client ID | Slite’s unique identifier. You can enter any custom value, such as `slite_35132645321` or `slite_contoso.com`. |
  | Client Secret | Secret key shared between Slite and UserLock SSO.  You can use the suggested secure secret or define your own. |
  👉 **Keep both values on hand**, you’ll need them when configuring Slite.
4. Save the profile.

![](https://a.storyblok.com/f/122374/592x768/039fbcb16e/slite_settings.PNG)

## Step 2. Configure Slite for Single Sign-On

1. Open your browser and go to:
`https://<your_slite_domain>.slite.com/app/settings/organization/authentication`
*(Replace *`<your_slite_domain>`* with your Slite subdomain.)*
2. In **Provider Name**, enter **UserLock SSO** (or another descriptive name).
This name will appear on the login screen for end users.
3. In **Provider URL**, enter your **UserLock SSO server URL**
*(IdP Issuer URL, e.g. *`https://sso.contoso.com`*)*
4. In **Client ID**, enter the value defined in **UserLock**.
In **Client Secret**, enter the corresponding secret key.
5. Click **Validate and save** to finalize the setup.

![](https://a.storyblok.com/f/122374/610x447/ef0a00bb37/slite-set-up.png)

![](https://a.storyblok.com/f/122374/471x402/99f298c78b/slite-sign-into.png)

## Troubleshooting

For common issues, see [Troubleshooting SSO](/userlock/docs/support/troubleshooting/sso-issues).
If the problem persists, please contact [IS Decisions Support](/support).

### Validation fail

If validation fails in Slite, an error will appear in the browser URL under the `sso_setup_failure` field.

**Example:**

- **SequelizeUniqueConstraintError** — The user performing the setup in Slite is not the same as the user identified by the SSO validation process, and that user already exists in Slite (as a member or invited user).
→ Remove this user from **Members** or **Invitations**, then retry.
Alternatively, perform the setup with the same user on both sides.

## Next steps

You can extend the security of SSO sessions by applying UserLock access policies in addition to authentication.

- [Apply MFA on SaaS connections](/userlock/docs/guides/mfa-implementation/mfa-for-sso) to require stronger authentication.
- [Hour restrictions](/userlock/docs/reference/access-policies/time-restriction): define when users are allowed to connect.
- [Geolocation rules](/userlock/docs/reference/access-policies/geolocation): enforce access policies based on user location.
- [Session limits](/userlock/docs/reference/access-policies/session-limit): allow or deny SaaS logins entirely for specific users.
