My Account Overview
  • Account Management
    Account Management Overview Roles and Permissions – What’s New Roles and Permissions User Management Team Management Account Settings Universal Links and Your iOS App Android App Links and Your Android App
  • Support
    Support Business Hours Create and Manage Support Tickets Sailthru Maintenance Windows
    • Custom Font ManagementVerified Sending Domain
  • Single Sign-On
    • Multifactor Authentication

    Connect SSO to Sailthru

    Connect any Identity Provider or Single Sign-On service which uses the SAML standard with Sailthru.

    If you wish to use SSO, have the following information ready and contact Support or your CSM. We'll schedule a meeting with your and your team to activate SSO in real-time. Connecting an Identity Provider or Single Sign-On service is a straightforward process. Sailthru needs the following pieces of information:
    • SAML connection name
      • This is the name of the SAML connection that will be used by Sailthru. It should be in the format "saml-<companyname>" eg. saml-sailthru
    • Identity Provider Single Sign-On URL (aka "SSO URL", "SAML Endpoint")
      • The actual URL used to configure the SAML connection
    • X.509 Certificate
      • PKI certificate used to associate key pairs.
    Your Identity Provider (IdP) should have documentation which walks you through how to set up a new application and to generate this information. However, we have provided guides for our most connected IdP services. Note: If you're using Single Sign-On in Sailthru and have an account created, you will need to create a Sailthru password. This is the only time you will need a password. Creating a password completes the account creation process.  Note: If you're looking for information on Multifactor Authentication, check the Multifactor Authentication hub.

    Known Limitations

    • The email value sent from the IdP must match the email address associated with the user within the Sailthru platform
      • If the Sailthru account is jblogs@sailthru.com then the IdP must pass back this email exactly as this value is used to identify the user in our system. E.g. if the IdP returns j.blogs@sailthru.com then we will not be able to log the users in.
    • IdP-initiated authentication is not currently supported
      • Users cannot login to Sailthru via the IdPs dashboard
    • While Sailthru can support IdP-initiated logout, not all IdPs support this functionality.
      • Logging out of your IdP may not log you out of Sailthru
    Top