Codeium Teams now supports sign in with Single Sign-On (SSO) via SAML. If your organization uses Microsoft Entra, Okta, Google Workspaces, or some other identity provider that supports SAML, you will be able to use SSO with Codeium.
For now this feature is in private-beta, and will require explicit opt-in in order to use SSO. Please contact Codeium if you're interested in enabling SSO.
Note that Codeium only supports SP-initiated SSO; IDP-initiated SSO is NOT currently supported.
Configure IDP Application
Create an Enterprise Application with your identity provider. Click on Add, and then Enterprise Application.
Click on Create your own application
Name your application Codeium, select Integrate any other application you don’t find in the gallery, and then click Create
Configure your enterprise application with SAML
- Click on Set up single sign on in the new Codeium application, and then Click on SAML
- Click on Edit under Basic SAML Configuration, and open up the Codeium Teams SSO settings at https://www.codeium.com/team/team_settings
- On Entra’s SAML configuration form and Codeium SSO settings page
- For Identifier (Entity ID), copy the SP Entity ID value in the SSO settings page
- For Reply URL (Assertion Consumer Service URL), copy the Callback URL value in the SSO settings page
- Click Save at the top
- Pick the SSO ID you want to use, which creates a login portal for your team. Note that this is not changeable after this is saved.
- Fill out IdP Entity ID in the settings page with the value in Entra ID under Set up Codeium -> Microsoft Entra Identifier
- Fill out SSO URL in the settings page with the value in Entra ID under Login URL
- Download the SAML certificate (Base64), get the text content of the file, and paste it to X509 Certificate on the Codeium settings page
- Click on Enable Login with SAML
- Click Save in the Codeium settings page
- We also need to set up name claims. This step is important in order for Codeium to know the display name of the user.
- Under Attributes & Claims under Entra ID, click on Edit
- Create 2 new claims. You can do so by clicking on Add new claim
- The first claim should have ‘firstName’ as the Name, and ‘user.givenname’ as the Source attribute
- The second claim should have ‘lastName’ as the Name, and ‘user.surname’ as the Source attribute
- At this point you should have successfully configured SSO. Under Save in the settings page, click on Test Login to make sure everything works as expected.