Enabling SAML SSO allows projects that are published to require your Identity Provider (IdP) credentials to view.
SAML SSO can be enabled so that members of the workspace are required to sign-in using your Identity Provider (IdP) credentials to access the workspace.

Things to keep in mind

For security reasons, every email address domain used in the SAML integration (i.e. [email protected]) must be authorized by a Standards team member. By default, we authorize the domain associated with the account holder. Let us know if there are other domains you need authorized.
SAML integrations and settings are configured on a specific workspace. If you would like to use SAML for multiple workspaces, they will need to be configured separately.

What is needed

A Standards account with an Enterprise plan
Admin or owner permissions in the workspace where SAML is to be configured
An external identity provider that supports SAML integrations

Identity provider setup

First, you need to set up the SAML integration with your Identity Provider (IdP). The exact setup process will depend on your provider, so consult their documentation.

During setup, you will need two values.

ACS URL: This URL is the endpoint in our application where the identity provider will send its responses. The value is **https://app.standards.site/__/auth/handler**
SP Entity ID: A unique identifier for our service, which will be recognized by the Identity Provider. The value is standards-site-beta

After setting up SAML with your IdP you should have access to the following information which will needed to complete the integration.

Entity ID: The unique identifier provided by your Identity Provider. This helps establish trust between the service and the IdP.
SSO URL: The Single Sign-On Service URL from your Identity Provider. This is where the authentication requests will be sent.
Certificate: The certificate you received from your Identity Provider. This ensures encrypted and secure communication between the service and the IdP.

Standards setup

From the workspace dashboard, select the Settings page
Select Enable when hovering on SAML SSO.
Enter the values from the Identity provider setup step into their corresponding fields. For the Name field, enter a human-friendly name for the integration. It will be presented in the app as ‘Sign in with Name’.
After you have entered all the information, select Submit

Enabling SAML SSO

From the workspace dashboard Settings page, select Edit ****.
Choose which sign in options are available on published projects. Make sure to enable SAML.
If you’d like to enable members of your workspace to sign-in using SAML SSO, select Enable under Workspace sign in page.

Testing the integration

Make sure to enable the Workspace sign in page. You can disable this after testing, if desired.
Copy the URL.
Open the URL in a different tab or browser. Note that testing the SSO login will sign you out of your current credentials, if you choose to sign in with a different account.
Sign in with the SAML option with an email address that is a member of the workspace. If it’s set up correctly you will be signed in and redirected to the workspace dashboard.

Related guides

Publish & share

Project access page