Integrate your identity provider to enforce 2FA / MFA

Require end-users to authenticate before accessing your private networks and resources.
User portal

Enable single sign-on (SSO) in minutes. No scripts required.

Legacy VPNs have limited support for identity platforms and integration often require complex scripts. Firezone works with any identity provider that supports SAML 2.0 or OpenID Connect (OIDC).
  • Okta
  • Azure AD
  • Google
  • Onelogin
  • Ping Identity
  • Keycloak
  • Auth0
  • JumpCloud
Integrate your provider
Identity Provider
Deprovision Users

Automatically remove access for users who have left

Manage users centrally using your identity platform. Firezone automatically syncs with your provider to ensure user access is immediately revoked.
Enable de-provisioning

Add a time-based one time password (TOTP) for MFA

Meet compliance requirements for MFA and improve your security posture. Add an additional factor for admin accounts and user accounts using local authentication.
Add an additional factor
time based one time password
user portal

Require periodic re-authentication to stay connected

Decrease the risk of unauthorized access from stolen devices or leaked configs. Require users to periodically re-enter their credentials to maintain their VPN connection.
Set a session length

Demo: Integrate Okta for SSO