SSO integration guide
Brex allows your team to utilize an SSO with your Identity Provider (IdP) by leveraging OpenID Connect (OIDC) or Security Assertion Markup Language (SAML).
Step 1: Benefits
Brex’s SSO integration provides a seamless way to sign in with your own IdPs and also eliminates the need for employees to enter credentials to prove their identities repeatedly. After the initial setup effort, SSO gives you:
More control to easily turn off employee access
Greater security in a remote-first world
Greater speed and efficiency with Brex
Step 2: Requirements
To use SSO with Brex, you will need:
An Identity Provider (IdP) to facilitate SSO that supports either OpenID Connect (OIDC) or SAML protocol such as Okta, OneLogin, Google Workplace, etc.
A technical point-of-contact who can provide Brex engineers with the following SSO configuration information:
For OIDC configurations:
A customer’s Client ID and Client Secret
A customer’s OIDC domain URL where the /.well-known/openid-configuration endpoint is hosted
Employee email domain
For SAML configurations:
Identity Provider Single Sign-On URL
Identity Provider Issuer
(Optional) IDP metadata XML file
Step 3: Setup instructions
Currently, there is no self-service onboarding flow. Please contact Brex Support to connect to SSO using the appropriate instructions linked below.
When exchanging SSO configuration data, Brex Support will provide a SendSafely link, which lets you safely exchange encrypted files and information directly with Brex.