SAML Setup Instructions

Provides the steps required to enable Single Sign-On in Sobol


  1. You must already be a user and have access to Sobol

  2. You must be an admin

  3. You must have the following from your Identity Provider (IdP):

    1. Single Sign-On URL

    2. Entity ID

    3. X.509 Certificate

If for any reason you do not have the following, please contact


To add a new SAML connection:

  1. Login into your instance of Sobol

  2. Once logged in, click the hamburger menu on the top, left corner of the screen

  3. Once the sidebar opens, click the Settings tab as show below:

  4. Once the modal opens, enter the following Service Provider’s information and hit Save:

    1. Name (ie: Okta, Azure, OneLogin)

    2. SSO URL

    3. Entity ID

    4. X.509 Certificate

6. After creation, please verify your information by hitting the Test Connection button and ensure you are redirected back into Sobol.

7. If successfully back in Sobol, you have a working SAML connection!

Troubleshooting Tips

  1. Sobol Account: You MUST have a Sobol account and have access to Sobol in order to set up SSO. If for any reason you do not have the following, please contact

  2. Org ID: Configuring SAML requires the use of your tenant’s ORG_ID. To obtain one, take note at the URL when using your instance of Sobol:[ORG_ID].

  3. SAML Endpoint: All SAML endpoints for your tenant are housed under the following URL scheme:[ORG_ID]

  4. Username format: all users mapped across Sobol and Okta use their email to uniquely identify them.

  5. SP Initiated Logout: we currently do not have support for logging out via SAML.

  6. Just-In-Time Provisioning: as we support the SCIM specifications, we do not have a need for Just-In-Time provisioning. Please contact for information about SCIM.

  7. Supported Sign-in Flows: In Sobol we support the following flows:

  • Identity Provider (IdP) Initiated

  • Service Provider (SP) Initiated (full support coming soon)

Last updated