Skip to main content
All CollectionsMy AccountAccount security
Set up SSO with SAML
Set up SSO with SAML

Workspaces can set up single sign-on (SSO) using SAML for Google and Microsoft

Updated over a month ago

Setting Up SSO using SAML for Google and Microsoft

This guide will walk you through configuring Single Sign-On (SSO) using Security Assertion Markup Language (SAML) for Google and Microsoft in splose.

Notes:

  • You must be the Account owner to set up SSO

  • You will need a Google Workspace or Microsoft Azure administrator account, or set up with another Identify provider.

  • splose currently supports only SAML based SSO with Microsoft Entra ID (formerly Azure Active Directory) and Google Workspace. Whilst SAML should support other identity providers, we do not currently provide documentation on using them. If you have any questions about an identity provider other than Google and Microsoft, please contact our support team.

Tips

  • You will still need to set up users in splose manually

  • If you select login via SSO only in splose settings then users have no option to login via a password and the reset password function is not accesible

  • When deprovisioning users or revoking access to splose, with SSO you should:

    • Remove their access from the splose SSO SAML app in Google or Microsoft

    • Go to User settings in splose and click "log out everywhere"

Setting up SSO SAML for splose

Regardless of your Identity Provider i.e. Google, or Microsoft, the process on setting up SAML remains the same from the splose settings.

Go to Settings and select the Security tab.

Click the toggle under Single sign-on (SSO) to show the SSO settings.

You will see that the Identifier (Entity ID) and Reply URL (ACS URL) are not editdable.

Configure SSO

Identity Provider configuration

The two items fields for Identifier (Entity ID) and Reply URL (ACS URL) will be used to copy and paste into your Identity Provider's SAML settings.

Service Provider configuration

The fields Login URL (SSO URL) and Certificate (Base64) will be populated with the fields provided by your Identity Provider. See below for. Google Workspace and Microsoft Entra ID steps.

Login settings

Under Login settings, you have the choice of allowing users to log in using their splose username and password as well as use Single Sign-On, or enforce users to sign in only with SSO.

You can also configure the "Require users to re-authenticate after" to require users to re-authenticate via SSO after a particular time period.


Setting Up SSO SAML for Google Workspace

Setup a new SAML app in your Google Workspace​

For more in-depth instructions see the Google support guides.

Log in to your Google Workspace administrator console

Navigate to Apps > Web and mobile apps in the left hand menu

Click Add App from the dropdown list bar and select Add custom SAML app

In stage 1: App details, enter an App name, such as "splose" and click Continue.

In stage 2: Google Identity Provider detail.

  1. Copy the SSO URL and paste it to the Login URL (SSO URL) field in the splose Single Sign-on settings.

  2. Copy the Certificate and paste it to the Certificate (Base64) field in the splose Single Sign-on settings.

Click Continue.

In stage 3: Service provider details:

  • Copy the Reply URL (ACS URL) from splose and paste it into Google's ACS URL field

  • Copy the Identifier (Entity ID) from splose and paste it into Google's Entity ID field

Leave all other fields, unless otherwise required by your organisation.

In stage 4: Attribute mapping, simply click Finish.

You will be redirected back to the splose SAML app page.

Select ON for everyone to ensure all users logging into splose must log in with SSO.


Go to your splose workspace and click "Test your configuration in splose" to validate you have set this up correctly.

Once successfully configured, a new tab will open with the message. "Your SSO is working properly. Please save your changes".

Once you see this, click Save.

Please note that it takes a few minutes for validation. Continue to click Test your configuration every few minutes until validated.

Setting Up SSO SAML for Microsoft

For more in-depth instructions see the Microsoft support guides

Log in to your Microsoft Azure administrator portal

Navigate to Microsoft Entra ID

Click + Add, then select Enterprise application.

Select + Create your own application.

Enter an app name, such as "splose" and select Integrate any other application you don't find in the gallery (Non-gallery).

Click Create.

Select 2. Set up single sign on.

Select SAML

Under Step 1: Basic SAML Configuration, click Edit.

Under Identifier (Entity ID) click Add Identifier and paste splose' Identifier (Entity ID) and under Reply URL (Assertion Consumer Service URL) click Add reply URL and paste splose' Reply URL (ACS URL)

Click Save

Skip step 2 and go to step 3: SAML Certificates, and Download Certificate (Base64) Download.

📝 Note: This will download a '.cer' file which is not a readable format. You will need to open the file in a text editor software to be able to copy the raw text.

Go to your splose workspace and click "Test your configuration in splose" to validate you have set this up correctly.

Once successfully configured, a new tab will open with the message. "Your SSO is working properly. Please save your changes".

Once you see this, click Save.

Please note that it takes a few minutes for validation. Continue to click Test your configuration every few minutes until validated.

Related Articles
Set up appointment templates
Set up the Zoom integration
Set up Google Meet integration
Set up Microsoft Teams integration
Release Notes
Did this answer your question?