How to turn on single sign-on for Dropbox Business admins

This article discusses a feature that is only available to Dropbox Business teams on an Advanced or Enterprise plan.

Learn more about the new Dropbox Business plans.

If you're the admin of a Dropbox Business team on an Advanced or Enterprise plan, you can let team members access Dropbox by signing in to a central identity provider.

If you're the admin of a team on an Advanced or Enterprise plan, you can turn on single sign-on (SSO) so your team can access Dropbox without having to remember another password. 

Note: Dropbox two-step verification will be disabled when using single sign-on.

How to turn on single sign-on 

  1. Go to your identity provider's site and follow the instructions to configure single sign-on. 
  2. Download a copy of the X.509 certificate and make a note of the sign-in URL to use in step 8.
  3. Sign in to Dropbox with your admin account.
  4. Click Admin Console in the sidebar.
  5. Click Settings in the sidebar.
  6. Under Authentication settings, click Single sign-on.
  7. Choose whether to make single sign-on optional or required.
  8. Click Add sign-in URL and enter the URL you got earlier from your identity provider. 
  9. Optional: you can click Add sign-out URL to add a sign-out URL.
  10. Click Upload certificate to upload the X.509 certificate .pem file you downloaded earlier.
  11. Click Apply changes.
  12. If you chose to require single-sign on, Dropbox will notify team members by email. 
  13. If you made single-sign on optional, you’ll need to notify your team yourself.

Here are instructions for the rest of your team once you turn on single sign-on

What happens next? 

All devices that are linked to Dropbox accounts will continue to work as normal. Admins won't be able to reset passwords through Dropbox since passwords are now controlled by your identity provider.

If you chose to make SSO optional, your team can sign in to Dropbox using SSO or their Dropbox password.

If you chose to make SSO required, your team must sign in to Dropbox with SSO—their Dropbox password will not work. 

Your team also sign in directly to their Dropbox account by clicking your custom Dropbox URL. To find your URL:

  1. Sign in to dropbox.com.
  2. Click Admin console.
  3. Click Settings
  4. Click Single sign-on.
  5. In the SSO sign-in URL section, click Copy link. 

Seeing a SAML assertion error when you log in?

Learn how to resolve the error message: “Could not validate SAML assertion.”

How helpful was this article?

We’re sorry to hear that.
Let us know how we can improve:

Thanks for your feedback!
Let us know how this article helped:

Thanks for your feedback!

Community answers