To learn more about the benefits of using single sign-on, please read our About SAML article.
Enabling SAML for Envoy
- Go to Integrations > All integrations.
- Locate SAML and click “Install”.
- Enter the fingerprint from your IdP in the Fingerprint field.
(Optional) Set SAML to required
Tip: If you'd like to configure SAML as required, we recommend first setting up SAML as optional and testing with a small group of users. Once you're sure SAML is working properly for your users, switch it to required.
- Go to Integrations > Enabled integrations.
- Locate SAML and click “Configure”.
- Enter your IdP HTTP SAML URL in the Identity Provider HTTP SAML URL field.
- Toggle “Required” to the “on” position.
Note: Global admins will always be able to authenticate with a password regardless of if requiring SAML is on or off.
Configuring SAML for common IdPs
You can connect Envoy to any SSO provider with SAML 2.0. We’ve provided guides for a few common IdPs: