Welcome to Retool! We're a fast way to build custom internal software.

You'll find the 5 minute demo, quickstart guide, and documentation for each of our connectors and components here. If you've got any questions -- chat with us on the bottom right!

Get Started    Guides

Inviting users and authentication

Learn how users authenticate, and how to invite them to your Retool.

Retool manages authentication for all the tools you build in Retool. In the cloud version, that means that if you authenticated via SSO (as you should!), and somebody else SSO's in with the same domain, they'll get read access to the tools you've created.

Depending on how you sign in, and whether you use the cloud or on premise version, the user invite flow is different. To invite users, you should visit /settings.


Google SSO

Anybody who signs up for the same domain will be able to access all created Retool pages, but in view-only mode. If you want them to become editors, you'll have to add them to the editors group.

Email + password

If you sign in via email and password, you'll need to invite users to your organization in order for them to access it. Without an invite, they'll be on their own Retool account, even if they sign in via an email address that ends with the same domain.

Okta SSO

Okta SSO is currently not supported in the cloud version of Retool. Please contact us for more details.

On premise

For on premise deployments of Retool, once the first user account is created, the domain name is set. People from different domains will not be able to sign up.

Google SSO

Users with the same domain will be able to sign in, but will not be able to view or edit pages, datasources, or anything else. You must explicitly add them to a group in order for them to have permissions.

Okta SSO

Once you add somebody to the Retool group on Okta, they're allowed to sign in to Retool. But you must explicitly grant them permissions inside Retool - otherwise they won't be able to view or edit pages, datasources, or anything else.

Email + password

Users who sign in via email and password will not be able to see anything after signing in, just like Google SSO. We suggest disabling email + password sign in / up on on-premise deployments.

What's Next

User permissions