Authorization providers control how users access your platform and how permissions are structured.
In headful, you can choose between two options:
Internal headful user management
External authorization via your own SSO (Single Sign-On), such as Azure or Google
Both options are configured on a per-project basis. Multiple authorization providers can be combined within a single project.
Internal headful User Management
The internal user management is configured directly in the dashboard.
This option is suitable for closed user groups or external users without their own SSO.
Integrating Your Own SSO
Alternatively, you can connect an external authorization provider, such as:
Azure
Google
After integration:
Users authenticate via the external provider
Existing groups can be imported
Groups are configured in the headful group management
Group sets can be defined per project
Authentication is handled externally, while authorization logic remains managed within headful.
System Dependencies
Authorization providers are configured per project
Group control is always managed within headful group management
External groups must be properly mapped
Multiple providers can be combined within a single project
Design Implications
Different authorization providers may introduce different user structures
The group structure should be defined before SSO integration
Combining internal and external providers requires a clearly defined roles and permissions concept
Tips & Tricks
Define your group structure before integrating SSO
Use internal users for external partners or temporary access
Use multiple authorization providers to separate internal and external users
Keep group logic consistent across projects