diff --git a/blueprint.yaml b/blueprint.yaml
index 0a524f12..adc25055 100644
--- a/blueprint.yaml
+++ b/blueprint.yaml
@@ -31,6 +31,7 @@ proxy-resources:
       #   - owen@pangolin.net
       # whitelist-users:
       #   - owen@pangolin.net
+      # auto-login-idp: 1
     headers:
       - name: X-Example-Header
         value: example-value
diff --git a/docker-compose.example.yml b/docker-compose.example.yml
index 21a5134f..84a5140b 100644
--- a/docker-compose.example.yml
+++ b/docker-compose.example.yml
@@ -35,7 +35,7 @@ services:
       - 80:80 # Port for traefik because of the network_mode
 
   traefik:
-    image: traefik:v3.5
+    image: traefik:v3.6
     container_name: traefik
     restart: unless-stopped
     network_mode: service:gerbil # Ports appear on the gerbil service
@@ -52,4 +52,4 @@ networks:
   default:
     driver: bridge
     name: pangolin
-    enable_ipv6: true
\ No newline at end of file
+    enable_ipv6: true
diff --git a/install/config/docker-compose.yml b/install/config/docker-compose.yml
index b507e914..90613b2a 100644
--- a/install/config/docker-compose.yml
+++ b/install/config/docker-compose.yml
@@ -35,7 +35,7 @@ services:
       - 80:80
 {{end}}
   traefik:
-    image: docker.io/traefik:v3.5
+    image: docker.io/traefik:v3.6
     container_name: traefik
     restart: unless-stopped
 {{if .InstallGerbil}}
@@ -59,4 +59,4 @@ networks:
   default:
     driver: bridge
     name: pangolin
-{{if .EnableIPv6}}    enable_ipv6: true{{end}}
\ No newline at end of file
+{{if .EnableIPv6}}    enable_ipv6: true{{end}}
diff --git a/server/lib/blueprints/proxyResources.ts b/server/lib/blueprints/proxyResources.ts
index d85befed..5fbebb5a 100644
--- a/server/lib/blueprints/proxyResources.ts
+++ b/server/lib/blueprints/proxyResources.ts
@@ -221,6 +221,7 @@ export async function updateProxyResources(
                         domainId: domain ? domain.domainId : null,
                         enabled: resourceEnabled,
                         sso: resourceData.auth?.["sso-enabled"] || false,
+                        skipToIdpId: resourceData.auth?.["auto-login-idp"] || null,
                         ssl: resourceSsl,
                         setHostHeader: resourceData["host-header"] || null,
                         tlsServerName: resourceData["tls-server-name"] || null,
@@ -610,6 +611,7 @@ export async function updateProxyResources(
                     domainId: domain ? domain.domainId : null,
                     enabled: resourceEnabled,
                     sso: resourceData.auth?.["sso-enabled"] || false,
+                    skipToIdpId: resourceData.auth?.["auto-login-idp"] || null,
                     setHostHeader: resourceData["host-header"] || null,
                     tlsServerName: resourceData["tls-server-name"] || null,
                     ssl: resourceSsl,
diff --git a/server/lib/blueprints/types.ts b/server/lib/blueprints/types.ts
index ca3177b3..e49024f9 100644
--- a/server/lib/blueprints/types.ts
+++ b/server/lib/blueprints/types.ts
@@ -59,6 +59,7 @@ export const AuthSchema = z.object({
         }),
     "sso-users": z.array(z.string().email()).optional().default([]),
     "whitelist-users": z.array(z.string().email()).optional().default([]),
+    "auto-login-idp": z.number().int().positive().optional(),
 });
 
 export const RuleSchema = z.object({