diff --git a/org-formation/700-aws-sso/_tasks.yaml b/org-formation/700-aws-sso/_tasks.yaml
index 6f5858d7..e83d218d 100644
--- a/org-formation/700-aws-sso/_tasks.yaml
+++ b/org-formation/700-aws-sso/_tasks.yaml
@@ -342,6 +342,14 @@ Parameters:
 Type: String
 Default: '04182458-5011-7026-862d-509a06438571'
 
+ BixArenaProdAdminGroup: # JC aws-bixarena-prod-admins
+ Type: String
+ Default: 'f4e8a418-10b1-70cc-a6b6-95aea41819d1'
+
+ BixArenaProdDeveloperGroup: # JC aws-bixarena-prod-developers
+ Type: String
+ Default: '7478a468-8051-708a-24cc-0b07adfa1835'
+
 #------------- personal AWS accounts ------------------
 BuA2aDwAdminGroup: #JC aws-BuA2aDw-admins
 Type: String
@@ -2291,3 +2299,39 @@ SsoGenAiIcDevDeveloper:
 instanceArn: !Ref instanceArn
 principalId: !Ref GenAiIcDevDevelopersGroup
 permissionSetArn: !CopyValue [ !Sub '${resourcePrefix}-${appName}-developer-permission-set-arn' ]
+
+SsoBixArenaProdAdmin:
+ Type: update-stacks
+ DependsOn: SsoAdministrator
+ Template: https://raw.githubusercontent.com/Sage-Bionetworks/aws-infra/v0.10.2/templates/SSO/aws-sso.njk
+ TemplatingContext: {}
+ StackName: !Sub '${resourcePrefix}-${appName}-bixarena-prod-admin'
+ StackDescription: 'SSO: admin role used by BixArena prod admin group'
+ DefaultOrganizationBindingRegion: !Ref primaryRegion
+ DefaultOrganizationBinding:
+ IncludeMasterAccount: true
+ OrganizationBindings:
+ TargetBinding:
+ Account: !Ref BixArenaProdAccount
+ Parameters:
+ instanceArn: !Ref instanceArn
+ principalId: !Ref BixArenaProdAdminGroup
+ permissionSetArn: !CopyValue [ !Sub '${resourcePrefix}-${appName}-admin-permission-set-arn' ]
+
+SsoBixArenaProdDeveloper:
+ Type: update-stacks
+ DependsOn: SsoDeveloper
+ Template: https://raw.githubusercontent.com/Sage-Bionetworks/aws-infra/v0.10.2/templates/SSO/aws-sso.njk
+ TemplatingContext: {}
+ StackName: !Sub '${resourcePrefix}-${appName}-bixarena-prod-developer'
+ StackDescription: 'SSO: developer role used by BixArena prod developer group'
+ DefaultOrganizationBindingRegion: !Ref primaryRegion
+ DefaultOrganizationBinding:
+ IncludeMasterAccount: true
+ OrganizationBindings:
+ TargetBinding:
+ Account: !Ref BixArenaProdAccount
+ Parameters:
+ instanceArn: !Ref instanceArn
+ principalId: !Ref BixArenaProdDeveloperGroup
+ permissionSetArn: !CopyValue [ !Sub '${resourcePrefix}-${appName}-developer-permission-set-arn' ]
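Review bot: Both new stacks bind `TargetBinding.Account: !Ref BixArenaProdAccount`, but the Parameters hunk in this diff only declares the two group-id parameters, so unless `BixArenaProdAccount` is already defined in _tasks.yaml or in the organization file the reference will fail when the task file is built; please confirm where it is declared. Since `SsoBixArenaProdAdmin` attaches the shared admin permission set to a production account, membership of the Identity Center group named on `BixArenaProdAdminGroup` is the effective access control, and a one-line comment above the stanza stating that — e.g. `# admin permission set in the BixArena prod account; scoped only by aws-bixarena-prod-admins group membership` — would help the next reviewer judge the blast radius. The two stanzas are otherwise identical to the existing SSO assignment blocks apart from principal and permission set, which is consistent with the rest of the file.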