Step by step guide on how to set up SSO for your organization's OpenEnvoy workspace
- Introduction
- Setting Up SSO
- OpenEnvoy Service Information
- Attributes Mapping
- Metadata File
- Guidelines for SSO Setup
- SAML with G Suite
- Azure
Introduction
Large enterprises use a number of services with a large number of end-users. It is almost impossible to manage hundreds, thousands, or tens of thousands of users across tens or hundreds of different applications. Due to this, enterprises have been utilizing Single Sign-On to manage the provisioning, de-provisioning, and providing permissions to accounts throughout the years.
There are several standards that will allow your organization to manage users in a single directory. The leading standard is SAML.
OpenEnvoy has a generic SAML 2.0 implementation that supports Single-Sign-On through many other integrated vendors. While the integration steps may vary slightly in each case, these are the general guidelines for SAML integration.
Setting up SSO for OpenEnvoy
You will need to register OpenEnvoy as a service in your system. After registering the OpenEnvoy app, please share the SAML metadata file with your CSM or support@openenvoy.com.
OpenEnvoy Service Information
When configuring the SSO app as the service, you will need the below links to register OpenEnvoy in your Single Sign-On instance:
- Service URL: https://auth.openenvoy.io/saml2/idpresponse
- Entity Identifier: urn:amazon:cognito:sp:us-west-2_S2UwpguT2
Attributes Mapping
OpenEnvoy expects SSO to provide the following attributes for every user, which is basic information for users to sign into the OpenEnvoy application:
- primary_email
- first_name
- last_name
Metadata File
After the OpenEnvoy application is configured with the above information, your IT admin will need to send us the SAML Metadata file. This file has two pieces of information:
- Sign-on/SAML URL
- x.509 Certificate or Formatted Fingerprint
Please send either the XML metadata file or the document link to your CSM or support@openenvoy.com.
Guides for SSO Setup
We support most of the popular SSO options out there including:
- OneLogin
- Okta
- Active Directory Federation Services
- Azure Active Directory
SAML with G Suite
Google G Suite for businesses now supports SAML 2.0 Single-Sign-On (SSO).
To implement this, please visit: Set up your own custom SAML application