Authentication methods for your Sigma organization
Sigma supports multiple authentication methods, each with different benefits and limitations. When selecting authentication methods for your Sigma organization, there are two main decisions to make:
- How will users in your organization sign in to Sigma?
- How will you connect to the data in your warehouse?
This document focuses on the available methods for signing in to your organization, and considerations for each available method. For information on the available methods of authenticating to your data platform, view the documentation on your chosen platform, under Connect to data sources.
You can change your organization’s authentication method at any time. However, migration between options can take significant testing and time, so Sigma recommends deciding on a method that suits your needs best from the beginning.
Overview of authentication methods for your organization
Sigma supports SAML (Security Assertion Markup Language), OAuth (Open Authorization), and password authentication methods for signing in to your organization:
-
SAML: SAML is an XML-based protocol that is used for single-sign on (SSO). SAML SSO allows you to securely log in to multiple apps with one ID. This works by using your identity provider (IdP) to verify your identity with a digital certificate, allowing you to sign in with an IdP like Okta or Entra. Sigma supports SAML 2.0.
-
OAuth: When used for SSO purposes, OAuth is combined with OIDC (Open ID Connect). OAuth is a token-based protocol that uses an authorization server (such as your IdP) to create short-lived tokens to enable access without needing your password. Sigma supports OAuth 2.0.
-
Password authentication: Each user signs in using their email address and password. Two-factor authentication via email is automatically enabled for greater security.
While not a method of authenticating to your organization, SCIM (System for Cross-Domain Identity Management) is also supported in Sigma. Whether your organization wants to use SCIM may influence your authentication method choices.
SCIM is a method of managing user identities at scale, and allows an identity provider (like Okta) to push user and group information updates automatically to all connected apps (like Sigma), without you having to manually update user and group information.
Considerations for choosing an authentication method for your organization
When you choose an authentication method, consider the authentication requirements of your organization and other existing software configurations.

