Sso Error You Do Not Have Permissions To Join This Organization Or Prompts To Create New Organization

When attempting to log in via SSO, you may observe the message "You do not have permissions to join this organization" or be prompted to create a new organization.

Why This Happens:

Supabase treats email/password and SSO identities as distinct, even when the email addresses are identical. Existing memberships associated with email/password accounts are not automatically linked to a newly created SSO identity.

How to Resolve This Issue:

If you want your org members to auto-join:

1. As an organization administrator, ensure "Join organization on signup" is enabled in your SSO configuration.
2. Navigate to your organization's Members settings.
3. Remove any existing email/password-based user accounts that are intended to transition to SSO.
4. Instruct these users to log in via SSO; they will be automatically re-added to your organization with the default role if auto-join is active.

Alternatively, you can manually re-invite their Google SSO identity to the org, ask them to accept the invite while signed in via Google and once confirmed, remove their old email/password account.

Best Practice When Setting up SSO:

Maintain owner account with a password login as a break-glass backup.