> ## Documentation Index
> Fetch the complete documentation index at: https://help-center-starter-replace-template-content.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Sign-in and security

> Authentication options, SSO, and security best practices for your Mintlify account.

Mintlify supports several authentication methods. Choose the one that fits your team's security requirements and identity provider setup.

## Authentication options

* **GitHub or GitLab OAuth** — Sign in with your Git provider account. Fast to set up and familiar to developers.
* **Email and password** — Standard email-based login with an optional magic link.
* **SAML SSO** — Available on Growth and Enterprise plans. Connect your identity provider (Okta, Azure AD, Google Workspace, etc.) for centralized authentication.

### Enabling SSO

SSO is configured at the organization level by an Admin:

1. Go to **Settings → Security → SSO**.
2. Select your identity provider.
3. Enter the metadata URL or upload the XML metadata file from your IdP.
4. Map the required attributes (email, name).
5. Test with a pilot user before enforcing SSO for all members.

<Warning>
  Keep at least one non-SSO admin account as a break-glass access method while you validate SSO. If the IdP configuration is wrong, you could lock everyone out.
</Warning>

## Sessions

Mintlify sessions stay active until you sign out or the session expires. If your organization requires shorter session lifetimes, configure the session duration in **Settings → Security**.

## Best practices

* Use a dedicated service account to connect Mintlify to your CI/CD pipeline rather than a personal account — this prevents access loss when team members change.
* Rotate API keys periodically and immediately when someone with access leaves the team.
* Review connected OAuth apps quarterly and revoke any you no longer use.
