Circuit supports single sign-on (SSO) through Google and Microsoft identity providers. Users sign in with their existing corporate credentials. No separate Circuit password is needed.Documentation Index
Fetch the complete documentation index at: https://docs.circuit.ai/llms.txt
Use this file to discover all available pages before exploring further.
Supported identity providers
| Provider | Protocol | Notes |
|---|---|---|
| OAuth 2.0 / OpenID Connect | Google Workspace accounts | |
| Microsoft | OAuth 2.0 / OpenID Connect | Azure AD / Microsoft Entra ID accounts |
How SSO works in Circuit
Authenticate with identity provider
The user is redirected to their identity provider’s login page (if not already signed in). Standard corporate authentication policies apply: MFA, conditional access, etc.
User provisioning
When a user signs in for the first time:- If they were previously invited to a workspace, they are automatically linked to that workspace
- Their name and email are populated from the identity provider
- They receive the permissions assigned during their invitation
Circuit uses just-in-time provisioning. Users are created in Circuit on their first sign-in. You do not need to pre-create user accounts (beyond sending the invitation).
Security policies
Circuit respects the security policies configured in your identity provider:- Multi-factor authentication (MFA): if your IdP requires MFA, users must complete it before accessing Circuit
- Conditional access: Azure AD conditional access policies (device compliance, location restrictions, etc.) are enforced at the IdP level
- Session management: session duration and sign-out behavior follow your IdP configuration
Revoking access
To revoke a user’s access to Circuit:- Remove them from the Circuit workspace: this immediately removes access to all workspace resources
- Disable their IdP account: this prevents them from signing in to Circuit entirely