Skip to main content
Administrators can control which authentication methods are available for their team to use when signing in to BRM. This gives you visibility and control over how access is granted, making it easy to enforce your company’s security policies without extra overhead.
Screenshot 2026 02 19 At 11 48 34 AM

Supported Login Methods

BRM supports four login methods. As an administrator, you can enable or disable any combination of these:
  • Email + Password — Standard credential-based login using a work email and password.
  • Google — Single sign-on via Google Workspace.
  • Okta — SSO via your Okta identity provider.
  • Microsoft Entra — SSO via Microsoft Entra ID (formerly Azure AD).

Managing Login Methods

  1. Navigate to Settings → Security in your BRM workspace.
  2. Under Login Methods, toggle each method on or off based on what you’d like to allow.
  3. Changes take effect immediately — any disabled method will no longer appear as an option on the BRM login screen.
Note: At least one login method must remain enabled at all times. BRM will prevent you from disabling all methods simultaneously.

Additionally: Auto-Creating Users

BRM has the ability to provision a user an account automatically when they try to log in for the first time. You can enable this by toggling this question. This is particularly useful when using SSO systems like Okta or Microsoft entra where you can provision the user in your SSO system and the user will get created in BRM the first time they try to log in. This can also be used to just let anyone with the appropriate email domain create an account if using email + password or google sign in.
Screenshot 2026 02 26 At 11 29 31 AM

Things to Keep in Mind

Restricting access for existing users — If a team member is currently using a login method you disable, they will no longer be able to sign in with that method. Make sure users have access to an enabled method before making changes. SSO enforcement — If your organization requires SSO, disabling Email + Password and enabling only your identity provider (Okta or Microsoft Entra) ensures all logins are routed through your IdP.