Quick References

Welcome to GeoVision

Quickstart Guide

Workspace

What is a Workspace?

Organizing Data in GeoVision: Projects

Organizing Data in GeoVision: Models

Version Control

Roles and Seats

Invite to Workspace

Workspace Discoverability 

Domain Protection

View & Share

Publish & Load

Single Sign-On (SSO) 

Secure who can access your workspace:

Note: SSO is available on the Business plan.

Single Sign-On (SSO) allows users to access GeoVision using your organization’s existing identity provider. GeoVision supports any OIDC (OpenID Connect) identity provider.

How to Enable SSO?

Admins can enable SSO from Workspace Settings → Security.

We’re happy to assist if you need help with setup. Contact us.

1. Create an OpenID Connect Application

In your identity provider’s dashboard, set up a new web application using the OpenID Connect (OIDC) protocol. This will generate the values you’ll need to configure SSO in GeoVision.

Use the following Redirect URL (callback) when configuring the application:

https://app.geovision.cloud/api/v1/workspaces/{workspace-short-id}/sso/oidc/callback

Replace {workspace-short-id} with your workspace’s unique short ID. Set the application grant type to “authorization_code” and configure the following scopes:

Note: Some identity providers (like Azure AD) may omit or mask user email addresses by default. You may need to explicitly configure them to include the email claim.

2. Configure SSO in GeoVision

Fill out the SSO configuration form using the details from your identity provider:

Provider: The name displayed on the login button
Client ID: From your OIDC application
Client Secret: From your OIDC application
Issuer URL: The issuer URL from your identity provider

3. Enable SSO

Click Add to save your SSO configuration. Once SSO is enabled, all workspace members will be required to authenticate with SSO credentials the next time they access the workspace.

When SSO Is Enabled

Invited users will see your organization’s SSO login option.
Existing workspace members will be prompted to log in via SSO the next time they access the workspace.
Users with the Guest role can still access the workspace without SSO, since this role is designed for external collaborators.

Important:

SSO handles authentication, but it doesn’t automatically manage user access. If a user is removed from your identity provider, they will still appear in your GeoVision workspace until an admin manually removes them.
If your organization uses SSO, you do not need to enable domain protection, SSO already provides equivalent security controls.

Single Sign-On (SSO) 

Secure who can access your workspace:

Note: SSO is available on the Business plan.

Single Sign-On (SSO) allows users to access GeoVision using your organization’s existing identity provider. GeoVision supports any OIDC (OpenID Connect) identity provider.

How to Enable SSO?

Admins can enable SSO from Workspace Settings → Security.

We’re happy to assist if you need help with setup. Contact us.

1. Create an OpenID Connect Application

In your identity provider’s dashboard, set up a new web application using the OpenID Connect (OIDC) protocol. This will generate the values you’ll need to configure SSO in GeoVision.

Use the following Redirect URL (callback) when configuring the application:

https://app.geovision.cloud/api/v1/workspaces/{workspace-short-id}/sso/oidc/callback

Replace {workspace-short-id} with your workspace’s unique short ID. Set the application grant type to “authorization_code” and configure the following scopes:

Note: Some identity providers (like Azure AD) may omit or mask user email addresses by default. You may need to explicitly configure them to include the email claim.

2. Configure SSO in GeoVision

Fill out the SSO configuration form using the details from your identity provider:

Provider: The name displayed on the login button
Client ID: From your OIDC application
Client Secret: From your OIDC application
Issuer URL: The issuer URL from your identity provider

3. Enable SSO

Click Add to save your SSO configuration. Once SSO is enabled, all workspace members will be required to authenticate with SSO credentials the next time they access the workspace.

When SSO Is Enabled

Invited users will see your organization’s SSO login option.
Existing workspace members will be prompted to log in via SSO the next time they access the workspace.
Users with the Guest role can still access the workspace without SSO, since this role is designed for external collaborators.

Important:

SSO handles authentication, but it doesn’t automatically manage user access. If a user is removed from your identity provider, they will still appear in your GeoVision workspace until an admin manually removes them.
If your organization uses SSO, you do not need to enable domain protection, SSO already provides equivalent security controls.

Quick References

Workspace

View & Share

Publish & Load

Single Sign-On (SSO)

How to Enable SSO?

1. Create an OpenID Connect Application

2. Configure SSO in GeoVision

3. Enable SSO

When SSO Is Enabled

Important:

Single Sign-On (SSO)

How to Enable SSO?

1. Create an OpenID Connect Application

2. Configure SSO in GeoVision

3. Enable SSO

When SSO Is Enabled

Important:

Company

Legal

Quick References

Workspace

View & Share

Publish & Load

Single Sign-On (SSO) 

Single Sign-On (SSO) 