redirect.pizza can connect directly with your IdP to enable SSO via SAML2. This guide provides the necessary information for setting that up.
Note: SAML SSO is only available from our Business plan and up.
Setting up
Navigate in redirect.pizza to More -> Settings. At the bottom of the page, you will find your entity ID & ACS URL.
Navigate to your identity provider and set-up your SSO connection with the Entity ID & ACS URL as defined here.
Set the following options if available:
- Name ID format: EmailAddress
- Signed Assertions: Yes
- Encryption: Preferred. Download our certificate here.
Downloading your specifications
Download your IdP's metadata XML file and send it to support@redirect.pizza to be configured on your team. Include which domains you want to activate SSO on. In most cases, it's a single domain. We can support multiple domains under 1 SSO configuration as well. After which, we'll set-up SAML SSO and let you know when it's activated.
Authentication
When SAML SSO is activated, users may authenticate through their IdP or via redirect.pizza. When a domain is detected in the email address, we'll prompt the user with the ability to login directly with SAML SSO.
Inviting users
You can invite new users under More -> Users. They will receive an invite link. When that link is followed the user is provisioned directly.
