Authentication Methods
Workspace Configuration
1. Managing Authentication Methods
Dify Enterprise provides three authentication methods for workspaces: Email + Password, Email + Verification Code, and Single Sign-On (SSO). System administrators can flexibly set up platform authentication methods based on business requirements, achieving unified management of organization members’ authentication methods in the Dify workspace.
1.1 Email and Password
Click the toggle button on the right side of the “Email and Password” row in the “Authentication Methods -> Workspace Settings” area to enable “Email and Password” authentication.
Once enabled, organization members can use “Email and Password” to log in to the Dify Enterprise platform workspace.
Common Questions
Q: How can organization members reset their passwords? A: Organization members can reset their passwords through three methods:
- Contact an administrator to reset the password in the enterprise management backend.
- Organization members can choose “Forgot Password” when logging into the Dify Enterprise platform.
- Organization members can reset their passwords in the account settings of the Dify Enterprise platform.
1.2 Email and Verification Code
Enable Authentication
Click the toggle button on the right side of the “Email and Verification Code” row in the “Authentication Methods -> Workspace Settings” area to enable “Email and Verification Code” authentication. Once enabled, organization members can use “Email and Verification Code” to log in to the Dify Enterprise platform workspace.
1.3 Single Sign-On (SSO)
Enable Authentication
For detailed instructions, please refer to Enterprise SSO
Common Questions
Please refer to FAQ.
1.4 Other Issues
- If the system administrator hasn’t enabled any authentication method, organization members will not be able to log in.
Managing Account Creation Methods
Dify Enterprise allows administrators to flexibly configure account creation methods: “Allow users to create accounts” and “Allow system to automatically create personal spaces”. This reduces management burden, improves organization members’ account access efficiency, and ensures smooth collaboration and platform usage.
2.1 Allow Users to Create Accounts
Click the toggle button on the right side of “Allow users to create accounts” in the “Authentication Methods -> Workspace Settings” area to allow users to create accounts independently. Once enabled, users can register accounts independently but cannot immediately access the Dify Enterprise platform until invited to join a space by a system administrator.
2.2 Allow System to Automatically Create Personal Spaces
Click the toggle button on the right side of “Allow system to automatically create personal spaces” in the “Authentication Methods -> Workspace Settings” area to allow the system to automatically create personal spaces for users after account creation. Once enabled, users need to be invited to join the enterprise by a system administrator to use the Dify Enterprise platform, and the system will automatically create a personal space for that user.
2.3 Flexible Configuration Combinations
- Both Enabled: Organization members are allowed to register accounts independently. After registration, the system automatically creates a personal space for them, and members can immediately start using the Dify Enterprise platform without waiting for administrator invitation.
- Only “System Automatically Create Personal Spaces” Enabled: Even with “System Automatically Create Personal Spaces” enabled, organization members still need a system administrator invitation to register and activate their account; self-registration will not be available.
WebApp Configuration
WebApp only supports access control through SSO, which can be enabled in WebApp settings after configuration is complete.