Generic SAML 2.0

Created by Ajay Vardhan, Modified on Wed, 07 Feb 2024 at 07:17 AM by Ajay Vardhan

Overview

Spendflo integrates with identity providers that support SAML 2.0. If your identity provider isn't listed among the integration options in Spendflo, you can configure it using SAML 2.0, or using OpenID if the provider is OIDC-based.


Prerequisites

Ensure your identity provider meets the following minimum requirements:

  1. Conforms to SAML 2.0 standards.
  2. Provides a Single Sign-On URL, an Entity ID or Issuer URL, and a Signing Certificate.
  3. Includes the signing public key in the SAML response.


Configure SAML Settings


To configure the SAML settings, follow these steps:

  1. Navigate to Spendflo, then go to Profile -> Privacy & Security.
  2. In the SSO section, click on the "Setup SSO connection" button located at the top right.
  3. Choose your identity provider from the list or select "Custom SAML" if your provider is not listed.
  4. If you opt for Custom SAML, proceed by clicking "Configure Manually" in the subsequent step.
  5. Copy the ACS URL and Entity ID provided, which you will use for setting up your Identity Provider.




Create an Application in Your Identity Provider


Most identity providers enable users to create applications, which are essentially sets of parameters passed to Spendflo for integration. Follow these typical setup requirements:


  1. Create a new integration in the identity provider with the type set as SAML.
  2. Set both the Entity ID and the ACS/Single Sign-On URL to those copied from Spendflo in the previous section.
  3. Set the Name ID format to Email Address.
  4. Obtain the SSO Endpoint and the Public Certificate.
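
The prerequisites and the values from step 4 can be checked before they are pasted into Spendflo. The following is an added example, not Spendflo's or any identity provider's own code: it assumes your identity provider can export a SAML 2.0 metadata XML document (the article does not mention one), and the `idp.example.com` host, the certificate text and the function name are constructed placeholders.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
SAML2 = "urn:oasis:names:tc:SAML:2.0:protocol"
EMAIL = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"

# Constructed sample; idp.example.com and the certificate text are placeholders.
SAMPLE = f"""<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}"
    entityID="https://idp.example.com/saml">
  <md:IDPSSODescriptor protocolSupportEnumeration="{SAML2}">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>PLACEHOLDER_BASE64_CERT</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:NameIDFormat>{EMAIL}</md:NameIDFormat>
    <md:SingleSignOnService Location="https://idp.example.com/sso"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def check_idp_metadata(xml_text):
    """Return (values, problems) for the items the setup steps ask for."""
    root = ET.fromstring(xml_text)
    idp = root.find("md:IDPSSODescriptor", NS)
    values = {"entity_id": root.get("entityID"), "sso_url": None, "certificate": None}
    problems = []
    if not values["entity_id"]:
        problems.append("no entityID (Entity ID / Issuer URL)")
    if idp is None:
        return values, problems + ["no IDPSSODescriptor element"]
    if SAML2 not in idp.get("protocolSupportEnumeration", "").split():
        problems.append("SAML 2.0 protocol support not declared")
    sso = idp.find("md:SingleSignOnService", NS)
    values["sso_url"] = sso.get("Location") if sso is not None else None
    if not (values["sso_url"] or "").startswith("https://"):
        problems.append("no HTTPS Single Sign-On URL")
    # A KeyDescriptor without a 'use' attribute serves signing and encryption.
    for kd in idp.findall("md:KeyDescriptor", NS):
        cert = kd.find(".//ds:X509Certificate", NS)
        if kd.get("use", "signing") == "signing" and cert is not None and cert.text:
            values["certificate"] = "".join(cert.text.split())
            break
    if not values["certificate"]:
        problems.append("no signing certificate")
    formats = [f.text.strip() for f in idp.findall("md:NameIDFormat", NS) if f.text]
    if EMAIL not in formats:
        problems.append("Email Address Name ID format not advertised")
    return values, problems
```

Call `check_idp_metadata()` on the exported metadata text; an empty problem list means the Entity ID, SSO URL, signing certificate and Email Address Name ID format are all present.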


Complete SAML configuration in Spendflo


  1. Return to Spendflo's SAML configuration and input the SSO Endpoint and Public Certificate obtained from your Identity Provider.
  2. In the claim domain section, add your primary domain.
  3. Copy the Record Name and Record Value to create a new TXT record in your DNS provider.
  4. Once the domain is added, click on "Validate." The validation process typically takes 1-2 minutes.
  5. The setup is now complete.


The New Login Method after Configuration


Upon completing the SAML setup, logging in to Spendflo will involve providing your email address on the Spendflo sign-in page. The system will automatically detect your domain and redirect you to your SAML Identity Provider for authentication. After verification, you'll be logged in to your Spendflo profile seamlessly.



Can't find what you are looking for?

Email us at support@spendflo.com