All Collections
Technical help
How do I set up my SAML single sign-on (SSO) provider?
How do I set up my SAML single sign-on (SSO) provider?

Learn how to enable single sign-on with your identity provider using SAML.

Updated over a week ago

EasyRedir enables you to use your own Identity Provider (IdP) to authenticate your users with our SAML single sign-on (SSO) integration. The following steps will get you up and running.

Step 1: Configure your IdP for EasyRedir SSO

Most SSO providers only need two pieces of information to work with EasyRedir. In the example above, a Google Workspaces SAML application is configured as an Identity Provider for EasyRedir SSO access.

The following values should be used in your configuration:

Assertion Consumer Service (ACS) URL:

Entity ID:

Step 2: Configure EasyRedir with your IdP Details

We provide two convenient methods to add your SSO provider; file upload or manual entry. Most common SSO providers such as Google and Microsoft Azure, provide an XML Metadata file for download with all the settings needed by EasyRedir to configure your provider in our system. This includes the entity ID and the certificate.

To upload your metadata file, browse your system and locate the downloaded file then click “Save New Provider”. Once created, you will be able to edit any of the saved values.

If you would like to configure your provider manually or if your provider offers SAML support but does not provide a metadata file, you can click “Configure Metadata Manually” and complete all of the required information outlined below.

The key pieces of information required from your provider are the Entity ID, Sign-in target URL, and your certificate fingerprint.

Entity ID

This uniquely identifies the provider being used. This value should be retrieved from your SSO provider. For Google Workspaces SAML apps, this value may be something like https://accounts.google.com/o/saml2?idpid=[ID].

Sign-in Target URL (SSO Target)

This value determines where your users should be redirected to when performing authentication using your SSO provider. This value should be retrieved from your provider. For Google Workspaces SAML apps, this value may be something like https://accounts.google.com/o/saml2/idp?idpid=[ID].

Step 3: Verify and Enable Your Provider

Once created, you will be able to view and edit all of the settings for your provider. When you have completed the configuration, you must verify your provider before it can be enabled. This will initiate a login with your provider and once successful, will return you to EasyRedir and your SSO provider will be verified.

At this point, your setup is complete but users will still require logging in with email and password until you enable your SSO Provider. This is a convenient way for you to enable or disable the use of your provider at any time. To ensure you are not locked out of your account, changes to critical information cannot be made while your provider is enabled.

Step 4: Add and Verify Your Domain (optional depending on your SAML SSO configuration)

Depending on your SSO configuration through your SSO provider, you may need to add and verify your domain in the EasyRedir system in order for SAML SSO to be the only option for a user to login.

When enabled, users within your organization should be able to initiate a login through your Identity Provider but will not be able to login directly from the EasyRedir dashboard until you add and verify your domain.

When you add a domain, you will be asked to select a common administrative email address to send the verification email to. This ensures that someone with control over your domain receives and verifies that the domain should be used for authentication within EasyRedir. If you do not have access to any of these email addresses within your organization, you will need to contact an administrator who does and have them complete the verification process.

The recipient at the selected address will receive one click instructions to verify your domain. Once verified, users will be able to login using your Identity Provider through the EasyRedir dashboard.

If you have any questions about this process or need further help setting up SSO, don't hesitate to reach out to us for assistance. We're happy to help.

Did this answer your question?