Connect SSO to Sailthru

Connect any Identity Provider or Single Sign-On service which uses the SAML standard with Sailthru.

If you wish to use SSO, contact Support or your CSM to get started.

Connecting an Identity Provider or Single Sign-On service is a straightforward process. Sailthru needs the following pieces of information:

  • SAML connection name
    • This is the name of the SAML connection that will be used by Sailthru. It should be in the format “saml-<companyname>” eg. saml-sailthru
  • Identity Provider Single Sign-On URL (aka “SSO URL”, “SAML Endpoint”)
    • The actual URL used to configure the SAML connection
  • X.509 Certificate
    • PKI certificate used to associate key pairs.

Your Identity Provider (IdP) should have documentation which walks you through how to set up a new application and to generate this information. However, we have provided guides for our most connected IdP services.

Note: If you’re using Single Sign-On in Sailthru and have an account created, you will need to create a Sailthru password. This is the only time you will need a password. Creating a password completes the account creation process. 

Known Limitations

  • The email value sent from the IdP must match the email address associated with the user within the Sailthru platform
    • If the Sailthru account is jblogs@sailthru.com then the IdP must pass back this email exactly as this value is used to identify the user in our system. E.g. if the IdP returns j.blogs@sailthru.com then we will not be able to log the users in.

  • IdP-initiated authentication is not currently supported
    • Users cannot login to Sailthru via the IdPs dashboard

  • While Sailthru can support IdP-initiated logout, not all IdPs support this functionality.
    • Logging out of your IdP may not log you out of Sailthru
Top