# Configure Single Sign-On (SSO) (Helm) {% hint style="info" %} This documentation only applies to **advanced Orchestrated container deployments** using **Kubernetes** and **Helm** {% endhint %} This guide outlines the steps to configure Single Sign-On (SSO) for your CARTO Self-Hosted instance. [SSO integration](https://docs.carto.com/carto-user-manual/settings/sso) enhances security and user experience by allowing users to log in with a single set of credentials across multiple systems. ## Prerequisites {% hint style="info" %} Please get in touch at to start configuring your SSO integration. {% endhint %} 1. **Contact CARTO Support:** * Initiate contact with the CARTO Support team to request assistance with SSO configuration. * Work closely with the Support team to communicate your organization's specific requirements. 2. **Obtain organization ID:** * Once SSO is successfully configured from the CARTO side, CARTO Support team will provide you with a unique identifier known as the organization ID. This organization ID is **required to continue with the SSO configuration** in your CARTO Self-Hosted installation. ## **Setup** In order to configure the SSO in your orchestrated container deployment, the organization ID should be injected into your CARTO Self-Hosted instance. This value can be configured following these steps: * **Inject the organization ID into your CARTO Self-hosted:** * Add a new environment variable for the organization ID provided by CARTO Support in your customizations.yaml file. ```yaml appConfigValues: ssoOrganizationId: "" ``` * **Deploy Changes:** * Deploy the updated configuration to apply the changes to your CARTO Self-Hosted instance. ## Conclusion With the successful integration of SSO and the Organization ID, your CARTO Self-Hosted instance is now configured to provide a seamless and secure Single Sign-On experience for your users. You can now navigate to your CARTO deployment domain, and it should use your IdP to log into the platform.