All Collections
Apps
SSO
Setting up SAML
Setting up SAML

This article outlines how to set up and configure SAML with Envoy Visitors.

Updated over a week ago

To learn more about the benefits of using single sign-on, please read our About SAML article.

Enabling SAML for Envoy

  1. Go to Apps > Directory and SSO.

  2. Select "Directory Settings" if you have not previously installed a directory app.

  3. Locate SAML and click “Install”.

  4. Enter the fingerprint from your IdP in the Fingerprint field.

(Optional) Set SAML to required

Tip: If you'd like to configure SAML as required, we recommend first setting up SAML as optional and testing with a small group of users. Once you're sure SAML is working properly for your users, switch it to required.

  1. Go to Apps > Directory and SSO.

  2. Locate SAML and click “Configure”.

  3. Enter your IdP HTTP SAML URL in the Identity Provider HTTP SAML URL field.

  4. Toggle “Required” to the “on” position.

Note: Global admins will always be able to authenticate with a password regardless of if requiring SAML is on or off.

Configuring SAML for common IdPs

You can connect Envoy to any SSO provider with SAML 2.0. We’ve provided guides for a few common IdPs:

Note: If you'd like to configure SAML with JumpCloud as your IdP, this is possible. You can use the token from Okta or Active Directory. You'll need to install Okta or AD on your account and then take the token that's generated and use that on the JumpCloud side.

Related Articles
Setting up Envoy Mobile
About SAML
Troubleshooting SAML
SSO for Envoy via Microsoft Active Directory
SSO for Envoy via Ping Identity
Did this answer your question?