Connect SSO to Sailthru
Connect any Identity Provider or Single Sign-On service which uses the SAML standard with Sailthru.
If you wish to use SSO, have the following information ready and contact Support or your CSM. We’ll schedule a meeting with your and your team to activate SSO in real-time.
Connecting an Identity Provider or Single Sign-On service is a straightforward process. Sailthru needs the following pieces of information:
- SAML connection name
- This is the name of the SAML connection that will be used by Sailthru. It should be in the format “saml-<companyname>” eg.
saml-sailthru
- This is the name of the SAML connection that will be used by Sailthru. It should be in the format “saml-<companyname>” eg.
- Identity Provider Single Sign-On URL (aka “SSO URL”, “SAML Endpoint”)
- The actual URL used to configure the SAML connection
- X.509 Certificate
- PKI certificate used to associate key pairs.
Your Identity Provider (IdP) should have documentation which walks you through how to set up a new application and to generate this information. However, we have provided guides for our most connected IdP services.
Note: If you’re using Single Sign-On in Sailthru and have an account created, you will need to create a Sailthru password. This is the only time you will need a password. Creating a password completes the account creation process.
Note: If you’re looking for information on Multifactor Authentication, check the Multifactor Authentication hub.
Known Limitations
- The email value sent from the IdP must match the email address associated with the user within the Sailthru platform
- If the Sailthru account is jblogs@sailthru.com then the IdP must pass back this email exactly as this value is used to identify the user in our system. E.g. if the IdP returns j.blogs@sailthru.com then we will not be able to log the users in.
- IdP-initiated authentication is not currently supported
- Users cannot login to Sailthru via the IdPs dashboard
- While Sailthru can support IdP-initiated logout, not all IdPs support this functionality.
- Logging out of your IdP may not log you out of Sailthru