Come possiamo aiutarti?

SAML Single Sign-on

It is finally possible to set up SAML SSO with! This article explains you all the steps to process. 3, 2, 1.. go!

What is SAML? 

Security Assertion Markup Language (SAML) gives users access to (SP) through an identity provider (IDP) of your choice. It works by transferring the user’s identity from one place (the identity provider) to another ( Enabling SAML through can be done in few easy steps! 

Step 1: Configure your identity provider

The first step here is to set up a connection for SSO -also known as a connector- with your IDP. We are currently working with two main providers: OKTA and OneLogin, but you also have the option to use your own provider. 

  • To enable SAML using OKTA please click here
  • To enable SAML using OneLogin, please click here. 
  • To enable SAML using Azure AD, please click here
  • To enable SAML using custom SAML 2.0, please click here.

Step 2: Set up SAML SSO for

Once you've configured your identity provider, you just need to enable SAML into

  • Sign into and go to the Admin section



  • Select Security and make sure to click on "open" next to SAML



  • Fill in the details from your IDP


Step 3: Provisioning

By default uses just in time provisioning, meaning the user is create in upon first login if he does not exist.

If you wish to enable full provisioning, please generate the token, and follow your IDP instructions to enable this. supports IDP Initiated Flow or SP Initiated Flow.




What will happen once your SSO is enabled?

When you've finished setting up your SSO, each member will receive an email letting them know about the change. The email will prompt members to connect their accounts with your identity provider. From now on, all members will sign in to with their identity provider account.

Common errors after signing into your SSO provider

Some users might experience difficulties and not be able to use SSO. For example, after entering the credential of the user into the login page of the SSO provider, instead of being redirected back to page, the user gets an error message saying that the signed in user '[email protected]' is not assigned to a role for the application (the wording might be slightly different depending on the SSO provider). This means that the Admins of the account should go into the SSO provider your team is using and assign/add this user to the account. 

If you have any further questions about setting up SSO with, feel free to reach out to our customer success team anytime right here