3 min read 618 words Updated Jun 08, 2026 Created Jun 08, 2026

Getting Started

Welcome to Permiso! This guide walks you through everything you need to do before your team can start logging in. It usually takes about 30 minutes from start to finish.

Here's the short version: you'll create an admin account, set up email, invite your first users, and connect your first app. Each step below has more detail.

What you'll need

  • Your instance URL: https://[your-company].permisolabs.eu
  • Access to the email address you want to use for your admin account
  • SMTP credentials for your email provider (see Email (SMTP) for common settings)

Step 1: Create your admin account

Open https://[your-company].permisolabs.eu/setup in your browser. This is the one-time setup page. It's only available until the first admin account is created, after which it closes automatically.

Fill in your name, email address, and username, then follow the prompts to register a passkey on your device. A passkey is tied to your browser or device and replaces the need for a password. You'll use it every time you log in.

Tip: If you're not sure what a passkey is, think of it as a secure key stored in your browser or on your phone. You'll tap a button or use Face ID / Touch ID to log in, with no password to remember or type.

Once you've registered your passkey you'll land on the Permiso dashboard as an admin.

Step 2: Configure email

Permiso sends sign-up links and email verification messages to your users. Before any of that works, you need to provide SMTP credentials.

Go to Settings → Administration → Application Configuration and scroll down to the Email section.

Fill in your SMTP details and click Save. If you're not sure which values to use, the Email (SMTP) guide has settings for common providers like Mailgun, SendGrid, Amazon SES, and Office 365.

You can verify things are working by generating a test invitation in the next step and checking that the email arrives.

Step 3: Invite your first users

Go to Settings → Administration → Users and click Invite.

You'll see a dialog where you can set an expiry date and optionally assign the new user to one or more groups. Click Create to generate a sign-up link.

Copy the link and share it with whoever you're inviting (by email, Slack, or however you prefer). When they open the link, they'll be guided through creating their account and registering a passkey. No password needed on their end either.

See Inviting Users for more detail, including how to set usage limits on links.

Step 4: Connect your first application

Go to Settings → Administration → OIDC Clients and click New Client.

You'll need the redirect URI (also called callback URL) from the application you're connecting. Most apps show this in their SSO or authentication settings. Enter the app's name, paste in the redirect URI, and click Save.

After saving, you'll see a Client ID and Client Secret. Copy these now, as the secret won't be shown again. Paste them into your application's SSO configuration along with your Permiso discovery URL:

https://[your-company].permisolabs.eu/.well-known/openid-configuration

See Register an OIDC Client for a full walkthrough.

You're all set

At this point your team can sign up and log in, and your first application is connected to Permiso for SSO. Here are a few things you might want to do next: