Context

Users may encounter issues when attempting to log in to LangSmith using Single Sign-On (SSO), such as the SSO button not working, receiving authentication errors, or being redirected back to the login page.

Answer

If you're experiencing issues logging into LangSmith via SSO, follow these troubleshooting steps:

Clear your browser cache and cookies
- This is often necessary when switching between authentication methods or after SSO is newly configured
- Try using an incognito/private browser window to test if the issue persists
Check corporate firewall and security tools
- If users are not being redirected to your SSO provider, corporate firewalls or security tools (like Zscaler) may be blocking the requests
- Work with your IT team to allowlist these domains:
  - smith.langchain.com
  - api.smith.langchain.com
- Look for 403 errors in browser developer tools or HAR files that may indicate blocked requests
Verify SSO permissions and group membership
- Ensure you are a member of the correct SSO group in your organization's identity provider (e.g., Okta, Azure AD)
- If you're using Azure AD, verify that the application has the necessary permissions configured
Check SSO configuration
- Confirm the redirect URL is correctly set to: [langsmith-domain]/api/v1/oauth/custom-oidc/callback
- Verify that the client ID in your LangSmith deployment matches the one in your identity provider
- Ensure all required permissions are granted in your identity provider
Access through identity provider dashboard
- Try accessing LangSmith directly through your organization's SSO dashboard (e.g., Okta dashboard)
- You may need to verify your email address the first time you log in

If you continue to experience issues, contact your IT team to verify the SSO application configuration is correct and all necessary permissions are in place.

Answer

If you're experiencing issues logging into LangSmith via SSO, follow these troubleshooting steps:

Clear your browser cache and cookies

This is often necessary when switching between authentication methods or after SSO is newly configured
Try using an incognito/private browser window to test if the issue persists

Check corporate firewall and security tools

If users are not being redirected to your SSO provider, corporate firewalls or security tools (like Zscaler) may be blocking the requests
Work with your IT team to allowlist these domains:
- smith.langchain.com
- api.smith.langchain.com
Look for 403 errors in browser developer tools or HAR files that may indicate blocked requests

Verify SSO permissions and group membership

Ensure you are a member of the correct SSO group in your organization's identity provider (e.g., Okta, Azure AD)
If you're using Azure AD, verify that the application has the necessary permissions configured

Check SSO configuration

Confirm the redirect URL is correctly set to: [langsmith-domain]/api/v1/oauth/custom-oidc/callback
Verify that the client ID in your LangSmith deployment matches the one in your identity provider
Ensure all required permissions are granted in your identity provider

Access through identity provider dashboard

Try accessing LangSmith directly through your organization's SSO dashboard (e.g., Okta dashboard)
You may need to verify your email address the first time you log in

If you continue to experience issues, contact your IT team to verify the SSO application configuration is correct and all necessary permissions are in place.

Why am I having trouble logging in to LangSmith via SSO?

Context

Answer

Why am I having trouble logging in to LangSmith via SSO?

Context

Answer