Single Sign-On with SAML

Article author
Nathan Goldstein
  • Updated

Setting up Single Sign On with SAML 2.0 involves two steps:

1) Enter your metadata into your Identity Provider as a new enterprise application connection

2) Share your metadata certificate with us


Once these steps are complete and both parties have configured connections, contact support to provision a test user and try the sign-on challenge end to end.


Note: We support staging environments for testing. Please contact for more information.


Create a new enterprise application connection

Our metadata and entity ID are the same string:


Most identity provider clients should parse this xml file and fill out most of the configuration for you. If not, ensure the EntityID is the URL above, and that our certificate is entered.


The NameID assertion format in your configuration should be employee ID when possible. For user attributes, include email address.


If employee ID as the NameID is not possible, use the email address of the user.


Share your metadata and certificates with us

We need your single sign-on login URL, logout URL, and certificate. Please send these to



Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request



Article is closed for comments.