Skip to content
Karolina
Esc
navigateopen⌘Jpreview
On this page

Authentication

Authentication

Karolina supports multiple authentication methods to fit your organization’s security requirements.

Standard Login

The default login method using email and password.

Signing In

  1. Navigate to app.karolina.ai
  2. Enter your email address
  3. Enter your password
  4. Click Sign In

Password Requirements

  • Minimum 8 characters
  • At least one uppercase letter
  • At least one number
  • At least one special character

Resetting Your Password

If you forgot your password:

  1. Click Forgot Password on the login page
  2. Enter your email address
  3. Check your inbox for a reset link
  4. Follow the link to set a new password

Reset links expire after 24 hours.

Single Sign-On (SSO)

SSO allows you to authenticate using your organization’s identity provider.

Supported Providers

Provider Protocol
Okta SAML 2.0, OIDC
Azure AD SAML 2.0, OIDC
Google Workspace OIDC
OneLogin SAML 2.0
Generic SAML 2.0 SAML 2.0

Setting Up SSO

Only organization admins can configure SSO.

  1. Go to SettingsSecurity
  2. Click Configure SSO
  3. Select your identity provider
  4. Enter the required configuration details:
    • Entity ID: https://karolina.ai/saml/{organization-id}
    • SSO URL: From your identity provider
    • Certificate: X.509 certificate from your IdP
  5. Click Save Configuration
  6. Test the connection
  7. Enable SSO for your organization

SSO Login

Once SSO is configured:

  1. Go to app.karolina.ai
  2. Click Sign in with SSO
  3. Enter your organization email
  4. You’ll be redirected to your identity provider
  5. Authenticate with your IdP credentials
  6. You’ll be automatically logged into Karolina

SAML 2.0 Configuration

For organizations with custom SAML implementations:

Required SAML Attributes

Attribute Required Description
email Yes User’s email address
firstName Yes User’s first name
lastName Yes User’s last name
groups No Group memberships for RBAC

Service Provider Details

Entity ID: https://karolina.ai/saml/metadata.xml
ACS URL: https://karolina.ai/api/auth/saml/callback
SLO URL: https://karolina.ai/api/auth/saml/slo

Multi-Factor Authentication (MFA)

MFA adds an extra layer of security to your account.

Enabling MFA

  1. Go to SettingsProfileSecurity
  2. Click Enable MFA
  3. Scan the QR code with your authenticator app
  4. Enter the verification code
  5. Save your backup codes in a secure location

Supported Authenticator Apps

  • Google Authenticator
  • Authy
  • 1Password
  • Microsoft Authenticator
  • Any TOTP-compatible app

Session Management

Session Duration

  • Default session: 7 days
  • SSO sessions: Synchronized with IdP
  • Concurrent sessions: Up to 3 devices

Signing Out

Click your avatar → Sign Out to end your current session.

Troubleshooting

Issue Solution
Can’t receive password reset email Check spam folder, verify email address
SSO not redirecting properly Clear browser cookies, check IdP settings
MFA codes not working Check device time sync, use backup codes
Locked out of account Contact admin or [email protected]

Next Steps

Once authenticated, proceed to onboarding to set up your workspace.

Last updated on July 14, 2026

Was this page helpful?