SAML Single Sign On (SSO)
Configure default system behaviors and manage SAML Single Sign-On (SSO) integration for secure and seamless user access.
What is SAML?
Security Assertion Markup Language (SAML, pronounced SAM-el) is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider.
In non-jargon speak, SAML SSO (Single Sign On) lets your users login to Sonderplan (the service provider) with third party identity providers, such as Google Workspace, Okta, Azure Active Directory and Onelogin.
SAML reduces friction, allowing your users to access Sonderplan with their existing company controlled user account.
Implementing SAML also benefits your businesses IT administrators, with less admin overhead and improved security by centralising user accounts. SAML isn’t just for large enterprise, it’s recommended for any business already running a central user directory such as Google Workspace.
Enabling SAML SSO
To enable SAML SSO go to Admin -> System Settings, expand the SAML Sign On (SSO) Settings accordion and then change the Enable SAML SSO option to Enabled.
Identity Provider Details
These settings will be supplied via your Identity Provider, eg. Google Workspace, Microsoft Azure Active Directory etc. Please copy and paste them into the relevant fields and refer to the guides further down on how to configure SAML within your Identity Provider.
Identity Provider Name
This field will be displayed on the SSO sign in button on the login screen.
IDP Entity ID / Issuer URL
Identity Provider Issuer Entity ID, often a URL, eg. http://okta.com/Eksj7Hhsk24klljsd
IDP Login URL / SSO Endpoint
The URL that Sonderplan will call to request a user login from the Identity Provider
IDP Logout URL / SLO Endpoint
The URL that Sonderplan will call to request a user logout to the Identity Provider
IDP X.509 Certificate
The authentication certificate issued by your Identity Provider
Configuration Guides
These guides cover the most common identity providers that our customers use, however if you’re running into issues or need help with configuring a different provider, please reach out to our support team.
Google Workspace
To configure Sonderplan SAML SSO with Google Workspace, please expand and follow the instructions in each section:
Microsoft Entra
To configure Sonderplan SAML SSO with Microsoft Entra, please expand and follow the instructions in each section:
Okta
To configure Sonderplan SAML SSO with Okta, please expand and follow the instructions in each section:
Configure Users for SSO
Once you’ve correctly configured SAML, you’ll need to enable SAML SSO Login for each of your users in Admin -> Users & Groups -> User Editor -> SAML SSO Login.