Signing in to Kula
Last updated: March 17, 2026
The Security section under Organization Settings allows Super Admins to control how users sign in to Kula. You can enable or disable individual sign-in methods, and configure Single Sign-On (SSO) with your organization's identity provider.
To access this page, navigate to Settings → Organization → Security
This article covers:
1. Sign-in Options Overview
2. Email & Password
3. Google
4. Microsoft
5. Single Sign-On (SSO)
Sign-in Options Overview
The Sign-in options section displays all available authentication methods for your organization. Each method can be toggled on or off using the toggle switch on the right. Enabled methods will be available on the Kula login screen for all users in your organization.
Sign-in Method | Description | Setup required |
Note: Only Super Admins can enable or disable sign-in methods. Changes take effect immediately for all users in the organization.
Email & Password
The Email & Password method allows users to sign in to Kula using the email address and password they registered with. This is the default sign-in method and is enabled by default for all organizations.
How it works
The user navigates to the Kula login page.
They enter their registered email address and password.
On successful authentication, they are signed in to Kula
Enabling or disabling
Use the toggle next to Email & Password in the Sign-in options section to enable or disable this method. If disabled, users will not be able to log in using email and password and must use an alternative method that is enabled.
Note: It is recommended to keep at least one sign-in method active at all times to avoid locking users out of the platform.
The Google sign-in option allows users to authenticate using their Google account. When enabled, a Sign in with Google button appears on the Kula login screen. No additional configuration is required to enable basic Google login.
How it works
The user clicks Sign in with Google on the Kula login page.
They are redirected to Google's OAuth flow and sign in with their Google account.
On successful authentication, they are signed in to Kula.
Enabling or disabling
Use the toggle next to Google in the Sign-in options section to enable or disable this method.
Google SSO & Auto-Provisioning
For organizations using Google Workspace, Kula also supports Google SSO with automatic user provisioning and deprovisioning. This is a separate, more advanced configuration that keeps your Kula user base in sync with your Google Workspace directory.
For full setup instructions, see: How to Configure Google SSO Login in Kula → https://support.kula.ai/articles/9363615626-Google-SSO-autoprovisioning
Microsoft
The Microsoft sign-in option allows users to authenticate using their Microsoft account. When enabled, a Sign in with Microsoft button appears on the Kula login screen. No additional configuration is required to enable basic Microsoft login.
How it works
The user clicks Sign in with Microsoft on the Kula login page.
They are redirected to Microsoft's OAuth flow and sign in with their Microsoft account.
On successful authentication, they are signed in to Kula.
Enabling or disabling
Use the toggle next to Microsoft in the Sign-in options section to enable or disable this method.
Single Sign-On (SSO)
Single Sign-On (SSO) allows your users to sign in to Kula using your organization's existing identity provider (IdP). This is the recommended approach for larger organizations that want centralized access control and a seamless login experience for their team.
Kula supports SAML 2.0-based SSO. Once configured, users are redirected to your IdP for authentication and returned to Kula on success.
Adding an SSO Provider
To add an SSO configuration:
1. Navigate to Settings → Organization → Security.
2. Under Single Sign-On (SSO), click + Add SSO.
3. Select your identity provider or choose Custom SAML to configure manually.
4. Enter the required configuration details provided by your IdP (SSO URL, Entity ID, X.509 Certificate).
5. Click Save and use the Test Connection button to validate the setup.
6. Once validated, enable the toggle to activate SSO for your organization.
Note: After enabling SSO, users will be redirected to your identity provider for login. You can allow both SSO and direct login simultaneously, or enforce SSO exclusively.
Managing SSO Providers
Once an SSO provider is configured, it appears listed under the Single Sign-On (SSO) section with its name and logo (e.g., Okta, JumpCloud). Each configured provider shows:
Edit icon — update the SSO configuration
Delete icon — remove the SSO provider
Toggle — enable or disable this specific SSO provider
Multiple SSO providers can be configured and toggled independently.
Provider-Specific Setup Guides
For detailed, step-by-step instructions for your specific identity provider, refer to the dedicated setup articles below:
Identity Provider | Setup Guide |
Best Practices
Always keep at least one sign-in method enabled to prevent users from being locked out.
For organizations with 10+ users, SSO is strongly recommended for centralised access control and easier onboarding/offboarding.
If enforcing SSO exclusively, communicate the change to your team before disabling Email & Password or social login options.
If using Google Workspace, consider enabling Auto-Provisioning to keep your Kula user list automatically in sync.
Regularly review and remove unused SSO configurations to keep your security settings clean.
Permissions
Only Super Admins can access and modify Security settings, including enabling or disabling sign-in methods and configuring SSO.
If you do not see the Security section under Settings, please contact your Super Admin.
Need Help?
If you have questions or need assistance with setup, feel free to reach out at support@kula.ai or use the in-app chat for help.