Mailisk

Appearance

Single Sign-On (SSO)

Mailisk uses OIDC-based SSO with just-in-time (JIT) user creation. SCIM provisioning is not currently supported.

What is SSO?

Single Sign-On (SSO) allows organizations to centrally manage how their teams authenticate and access services such as the Mailisk Dashboard.

Mailisk supports authentication via email, GitHub, and Enterprise SSO using OpenID Connect (OIDC). Users can sign in using identity providers such as Okta, Azure AD, and others. When a user signs in through SSO for the first time, a Mailisk account is automatically created.

SSO is available on all paid plans. We believe that strong security features should not be limited to enterprise-only pricing tiers.

Requirements

To configure SSO you will need:

  • An identity provider that supports OpenID Connect (OIDC)
  • Administrator access to your identity provider
  • A Mailisk account with permission to configure SSO

Integration Information

If you want to require users from your organization to authenticate through SSO, you can request domain enforcement. Once enabled, users with that email domain will only be able to sign in via SSO.

For example, users with @myorg.com will not be able to create an account or sign in using other methods—they must authenticate through the SSO login page.

Sign-in Redirect URI

https://api.mailisk.com/auth/openid/callback

Root API URL

https://api.mailisk.com

Linking existing users

If a user created a Mailisk account using another authentication method before SSO was enabled, their account will not automatically be linked to your organization’s SSO configuration.

To link an existing account to your SSO setup, please contact support@mailisk.com

Okta

  1. Navigate to Applications → Create App Integration in the Okta dashboard.
  2. Select OIDC – OpenID Connect and choose Web Application, then click Next.

Enter the following configuration:

  • Name: MailiskApp
  • Sign-in redirect URIs:
    https://api.mailisk.com/auth/openid/callback
  • Controlled access:
    Allow everyone in your organization to access (or choose another option based on your organization’s policy)

Click Save.

After the application is created:

  1. Open the newly created app integration.
  2. Copy the Client ID.
  3. Generate a Client Secret.

Next, go to the Mailisk SSO page:
https://mailisk.com/dashboard/sso

  1. Enter the Client ID and Client Secret.
  2. Enter the Issuer URL, this will be something like https://integrator-123456.okta.com. You can locate your Okta domain by clicking your username in the upper-right corner of the Admin Console.
  3. Enable SSO and click Save.

Finally, copy the generated SSO login link and share it with your team members. Team members can use this link to sign in to Mailisk using Okta.

Other

Check Integration Information section for useful links, and add according to your provider.