Skip to content

Launch Your Workspace

Use this page when your business team is setting up SigID for the first time or preparing a workspace for real users.

If you need the first concrete Dashboard setup path, start with Workspace Admin Quickstart.

A workspace is the business container where you manage apps, users, organizations, sign-in settings, security roles, and audit events.

Launch Steps

  1. Create the workspace.
  2. Assign a primary owner and backup owner.
  3. Create the application users will sign in to.
  4. Add the app name, logo, redirect URLs, allowed origins, and requested access.
  5. Choose sign-in methods for users.
  6. Invite test users and complete sign-in from the real app.
  7. Add organizations and SSO if customers or internal teams need them.
  8. Review admin roles, audit access, support owner, billing owner, and recovery process.
  9. Give developers the app values they need.
  10. Run the production checklist before launch.

Decisions To Make Before Users Arrive

Decision Why it matters
Workspace owner Someone must own settings, incidents, and final launch approval.
Backup owner Access should not depend on one person.
App display name Users should recognize the name in sign-in and consent prompts.
Sign-in methods Users need to know whether to use passkeys, passwords, magic links, MFA, or SSO.
Recovery path Support must know what users should do when sign-in fails.
Support contact Users need a trusted place to ask for help.
Production domains Redirect URLs and allowed origins must match the real app exactly.

Hand Off To Developers

Give developers values from the same environment:

  • issuer URL
  • client ID
  • redirect URI
  • requested scopes
  • API audience
  • workspace or tenant identifier
  • whether the app is a public PKCE client or a confidential server-side client

Then send developers to Add Login To Your App.

Ready To Launch When

  • users can start in the real app, sign in with SigID, and return to the app
  • test users know what sign-in method to choose
  • support knows how to handle login, recovery, and SSO questions
  • developers have verified backend token checks
  • production redirect URLs and allowed origins are exact
  • secrets are stored outside browser code
  • admin roles and audit access are reviewed
  • billing owner and launch owner are confirmed