Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.jitera.ai/llms.txt

Use this file to discover all available pages before exploring further.

Organization settings let you manage settings that apply across the entire organization. Owners and admins can change settings, while members can view the current configuration.

Settings Page Structure

Organization settings are divided into the following sections.
SectionContent
GeneralOrganization info, AI models, MFA, SSO
MembersMember invitations and role management
TeamsTeam creation and management
Billing & UsagePlans, credits, seats

Profile

  • Change the organization name
  • Upload a logo
  • View the current plan and seat usage

AI Model Management

Configure which AI models are available to your organization and set the default model.
  • Available models — Select multiple models for organization members to use. The main providers are OpenAI, Anthropic, and Google. The default model cannot be disabled. A confirmation dialog is shown when disabling a model that is currently in use
  • Default model — Set the model that is initially selected for new projects and agents

MFA (Multi-Factor Authentication) Enforcement

You can enforce multi-factor authentication across the entire organization. When enabled, all members are required to set up MFA.
  • Toggle Enforce MFA on the general settings page to enable or disable
  • A confirmation dialog is shown when enabling

SSO Configuration

SSO is available on the Enterprise plan only. The configuration dialog is disabled for organizations on other plans.
Configure SAML 2.0 based Single Sign-On (SSO). Works with any SAML 2.0 compatible identity provider: Microsoft Entra ID, Google Workspace, Okta, OneLogin, and others.

SSO with Microsoft Entra ID

Step-by-step guide with sample values for connecting Jitera to Microsoft Entra ID.
Click the Single sign-on (SSO) row on the general settings page to open the configuration dialog. General settings page with SSO section
Saving the SSO configuration enables it immediately. Users with the configured email domains will be required to log in via SSO.

1. Copy Service Provider values to your IdP

Your identity provider needs these values to trust Jitera. Copy them from the read-only fields at the top of the dialog.
FieldDescription
IssuerSP Entity ID issued by Jitera
Assertion Consumer Service URLSAML authentication callback URL

2. Provide your IdP configuration

Pick the method that works best for your identity provider.
Paste your IdP’s metadata endpoint URL and click Fetch. The fields below auto-fill from the metadata.Works with Microsoft Entra ID, Okta, and other IdPs that expose a metadata URL.Metadata URL tab
All three methods fill the same fields. You can review and edit the values before saving.
FieldDescription
Email domainsDomains subject to SSO, comma-separated (e.g. example.com, corp.example.com)
IdP Entity IDYour identity provider’s Entity ID
IdP SSO Service URLSAML login endpoint URL
IdP Certificate FingerprintX.509 certificate fingerprint (SHA-1 or SHA-256 accepted)
When the Metadata URL or XML upload method parses a certificate, the expiry date is displayed below the fingerprint field and persisted with the configuration. A color-coded warning is shown as the date approaches:
StateCondition
NormalMore than 30 days remaining
Warning (amber)30 days or fewer remaining
Critical (red)7 days or fewer remaining, or already expired
When the certificate is close to expiry or has expired, re-fetch the metadata from your IdP to pull in the renewed certificate.

3. Configure attribute mapping

SSO modal: IdP fields and attribute mapping Tell Jitera which SAML assertion attributes correspond to user fields. Defaults work for most IdPs. Change them if your IdP uses different attribute names.
FieldDefaultMicrosoft Entra ID
Emailemailhttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/email
First namefirstNamehttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
Last namelastNamehttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
Check your IdP’s documentation for the exact attribute names it sends in the SAML assertion. Common names differ between providers.

4. Save and test

Click Set up SSO to save. SSO is enabled immediately.
You must save before testing. The Test Connection button is disabled until the configuration is saved. If you edit the form after saving, save again before testing.
Click Test Connection to verify the configuration.
  1. A new browser tab opens your IdP login page
  2. Authenticate with your credentials
  3. On success, a notification shows the extracted email, first name, and last name. Verify they match the expected values.
  4. On failure, a specific error message indicates what went wrong
Successful test connection showing extracted attributes

Billing & Usage

  • Plan — View the current plan (Free / Pro / Max / Enterprise), upgrade or cancel
  • Credits — View balance and usage rate, reset date
  • Seats — View active user count and limit