Docs
Go to Conductrics.com →
  1. Your Account

SSO via SAML

Configuration for Single-Sign-On via SAML 2 IDP

What's Supported

The Conductrics Admin supports SSO via SAML 2 for when you would like Admin users to authenticate using a SAML-based "Identity Provider" (IdP) such as Okta, Auth0, OneLogin, etc.

Conductrics is a SAML "Service Provider" (SP) in this relationship.

Requirements

  • Your company should be using an SSO Identity Provider (IdP) that supports SAML 2.
  • Each user of the Conductrics Admin still needs to be added separately as a user under Settings > Users / Teams. The permissions assigned there are what controls what each user can do within Conductrics. See Admin Users / Access for more details.
  • The email addresses for each user in the Conductrics Admin must match each user's email address in the SSO system. If you already have users in Conductrics using different email addresses, those users will need to be removed and then re-added in the Conductrics Admin.

What You'll Need for SAML Configuration

You can't configure SSO yourself via the Conductrics Admin; we will help you get it set up for you.

Here's what you'll need on your side during that process.

📘

If you're using Okta as your Identity Provider, please see Okta SSO for Okta-specific steps with screenshots.

First, you'll go to your SAML Identity Provider and add an entry for Conductrics as a Service Provider. Depending on the system you're using on your side, this process may be called adding an "app" or "application" or similar.

  • In order to create the "app" at your SSO provider, you'll need a SAML "callback" URL from Conductrics.
    • To get this, go to the login page for the Conductrics Admin and use the exact base URL (such as https://company-console.conductrics.com) plus /sso/saml/ac-xxxxx/callback using your actual Conductrics account/owner code instead of ac-xxxxx.
    • In the end you should have something like: https://company-console.conductrics.com/sso/saml/ac-xxxxx/callback.
  • You will also need the "Audience URI" string (aka SP Entity ID) for Conductrics, which is: https://sp.conductrics.com/SAML2

You should now have a SAML endpoint URL for the Conductrics "app" in your SSO system. This is essentially the URL that we should redirect to when a user wants to log in (hosted by your Identity Provider).

Once you have done the above, provide us with the SAML endpoint, and we will proceed with the next steps on our side to finish the integration. Please reach out to your Conductrics contact if you have any questions.


Updated 7 months ago

What’s Next