With SAML you can let people log in to your team portal on start.me using their existing work account. Whether you use Okta, OneLogin, ADFS or another IdP, setup is easy.
In order to configure SSO for your Team, follow these steps:
- Step 1: Add new IdP (Identity Provider) to start.me
- Step 2: Configure start.me as an application in your IdP
- Step 3: Configure IdP in start.me
- Change the label of the login button
- Test the login flow
- Skip the login screen
What is SAML?
SAML is an XML-based open standard for exchanging authentication and authorization data between parties, in particular between an identity provider and a service provider. This integration provides single sign-on for SAML and start.me, allowing you to use your SAML credentials to authenticate in start.me.
Step 1: Add new IdP (Identity Provider) to start.me
To configure a new SAML2 integration, the administrator of a team can go to Team Portal -> Authentication -> Single Sign-On (SSO) and click "Add".
While adding a new IdP you can select one of the popular IdPs:
Step 2: Configure start.me as an application in your IdP
Some IdPs allow you to configure the SAML2 integration automatically from a metadata file. You can get the start.me metadata file by going to the Metadata URL mentioned below.
Metadata URL | https://[yourteamdomain].start.me/users/auth/saml2/metadata?id=[auth-id] |
Callback/ACS URL | https://[yourteamdomain].start.me/users/auth/saml2/callback?id=[auth-id] |
Recipient | https://[yourteamdomain].start.me/users/auth/saml2/callback?id=[auth-id] |
EntityID | startme |
Required attributes |
|
Step 3: Configure IdP in start.me
Go to Team Portal -> Authentication and click "Configure" next to the IdP you created in step 1.
Here you can upload the metadata file generated by the IdP. The following fields need to be specified:
- SAML 2.0 Endpoint (HTTP)
- IdP Entity ID
- Public Certificate
Change the label of the login button
Finally, you are able to configure the look and feel of the Login button that will be shown to users on the sign-in screen of your team portal.
Test the login flow
After you have configured your IdP, you can test the login flow by clicking "Open test page" in the menu.
This will open a new browser window with test instructions. You will need to copy the URL and open it in a new Incognito Window.
Optional: Skip the login screen
After you have configured your IdP, you can select it as the default login method and thereby bypass the start.me login screen for your users. Instead of the start.me login screen, users will immediately be redirected to the IdP login screen.
Please contact support@start.me for more information about getting SAML2 integrated on start.me.