General settings
Use General for organization-level settings such as:- Organization name.
- Passkey policy for privileged users.
- Passkey policy for all users.
- Whether email magic links are disabled when SSO is configured.
- Whether every Orchestration owner can share owned Orchestrations.
- Sign-in configuration when your organization uses an external identity provider.
Update organization name
Configure passkey policy
Your organization may be able to require passkeys for:- Privileged users.
- All users.
| Setting | What it does |
|---|---|
| Require passkeys for privileged users | Requires users with elevated permissions to enroll at least one passkey before using Sofie normally. |
| Require passkeys for all users | Requires passkey enrollment for every user account. |
- Confirm users have supported browsers and devices.
- Communicate the change.
- Decide how users should get help if blocked.
- Confirm administrators have passkeys enrolled first.
- Review the policy with the team that owns identity and access.
Configure magic-link sign-in policy
Use Disable magic links when SSO is enabled to hide and block email magic-link sign-in when an external SSO provider is fully configured. When this setting is on:- Users sign in with SSO, passkey, or another available method.
- Email magic links are unavailable only after an external SSO provider is enabled and configured.
- Magic links stay available if no SSO provider is enabled, which helps prevent administrator lockout during setup.
Find Authentication Policy
Review the passkey policy and Disable magic links when SSO is enabled setting together.
Configure Microsoft Entra ID sign-in
Use Microsoft Entra ID Authentication when users should sign in with Microsoft. Fields may include:| Field | Use it for |
|---|---|
| Enable Microsoft Entra ID | Allows users to sign in with their Microsoft account. |
| Application (Client) ID | The application client ID from the Microsoft Entra app registration. |
| Directory (Tenant) ID | The directory tenant ID from the Microsoft Entra app registration. |
| Client Secret | The client secret from the Microsoft Entra app registration. Leave blank when rotating nothing and Sofie already has a saved secret. |
Configure Orchestration sharing
Use Orchestration Sharing in General to decide whether all Orchestration owners can share owned Orchestrations. When Allow unrestricted orchestration sharing is on, owners can share their owned Orchestrations. When it is off, owners need Share Orchestrations through the Publisher role or a custom role before they can share.Update Orchestration Sharing
Find Orchestration Sharing and turn Allow unrestricted orchestration sharing on or off.
Brand settings
Use Brand to configure company details used in Sofie-generated document styling. Brand settings may include:- Logo.
- Primary color.
- Secondary color.
Enable personal branding
Use Allow personal branding when users should be able to set their own generated document logo and colors.Brand review checklist
Before saving brand settings, check:- Logo is current.
- Logo is readable on light backgrounds.
- Colors have enough contrast in generated output.
- The organization name is spelled correctly.
- The brand does not conflict with project-specific document requirements.
Related settings
Use these pages for adjacent administrator work:- Integration administration for connected app availability.
- Security Center for security events and access review material.
- Security and passkeys for user-level passkey setup.