SAML
SAML Setup Instructions
Provides the steps required to enable Single Sign-On in Sobol
You must already be a user and have access to Sobol
You must be an admin
You must have the following from your Identity Provider (IdP):
  Single Sign-On URL
  Entity ID
  X.509 Certificate
If for any reason you do not have the above, please contact support@sobol.io.
To add a new SAML connection:
1. Log in to your instance of Sobol.
2. Once logged in, click the hamburger menu in the top-left corner of the screen.
3. Once the sidebar opens, click the Settings tab as shown below:
4. Once in Settings, click the Keys tab and then the Add Key button.
5. Once the modal opens, enter the following Service Provider’s information and hit Save:
   Name (e.g. Okta, Azure, OneLogin)
   SSO URL
   Entity ID
   X.509 Certificate
6. After creation, please verify your information by hitting the Test Connection button and ensure you are redirected back into Sobol.
7. If successfully back in Sobol, you have a working SAML connection!
Sobol Account: You MUST have a Sobol account and have access to Sobol in order to set up SSO. If for any reason you do not have these, please contact support@sobol.io.
Org ID: Configuring SAML requires the use of your tenant’s ORG_ID. To obtain it, take note of the URL when using your instance of Sobol: https://sobol.io/d/org/[ORG_ID].
SAML Endpoint: All SAML endpoints for your tenant are housed under the following URL scheme: https://sobol.io/d/saml/v2/callback?orgId=[ORG_ID]
Username format: all users mapped across Sobol and Okta use their email to uniquely identify them.
SP Initiated Logout: we currently do not have support for logging out via SAML.
Just-In-Time Provisioning: as we support the SCIM specifications, we do not have a need for Just-In-Time provisioning. Please contact support@sobol.io for information about SCIM.
Supported Sign-in Flows: In Sobol we support the following flows:
  Identity Provider (IdP) Initiated
  Service Provider (SP) Initiated (full support coming soon)
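A pre-flight check for the values entered in the Add Key modal, plus derivation of the tenant's SAML endpoint from the Org ID URL. This is an added example, not Sobol's own code: the function names are hypothetical, the ORG_ID is assumed to be the path segment after /d/org/, requiring an https:// SSO URL is this example's own policy, and the sample certificate is a constructed stand-in.

```python
import base64
import hashlib
import re
from urllib.parse import urlencode

ORG_URL = re.compile(r"^https://sobol\.io/d/org/([^/?#]+)")
PEM_CERT = re.compile(r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)
# Constructed stand-in (DER SEQUENCE holding INTEGER 1), not a real certificate.
SAMPLE_PEM = "-----BEGIN CERTIFICATE-----\nMAMCAQE=\n-----END CERTIFICATE-----\n"


def callback_url(org_url):
    """Build the tenant SAML endpoint from the URL shown while using Sobol."""
    m = ORG_URL.match(org_url.strip())
    if not m:
        raise ValueError("expected https://sobol.io/d/org/[ORG_ID]")
    return "https://sobol.io/d/saml/v2/callback?" + urlencode({"orgId": m.group(1)})


def cert_fingerprint(pem):
    """SHA-256 fingerprint of the one certificate in pem, colon-separated hex."""
    if "PRIVATE KEY-----" in pem:
        raise ValueError("private key pasted; only the certificate belongs here")
    blocks = PEM_CERT.findall(pem)
    if len(blocks) != 1:
        raise ValueError(f"expected one CERTIFICATE block, found {len(blocks)}")
    der = base64.b64decode("".join(blocks[0].split()), validate=True)
    if not der.startswith(b"\x30"):  # a DER certificate starts with a SEQUENCE tag
        raise ValueError("decoded data is not DER")
    return hashlib.sha256(der).digest().hex(":").upper()


def preflight(org_url, sso_url, entity_id, cert_pem):
    """Return derived values plus a list of problems to fix before saving."""
    out, problems = {}, []
    for key, check, value in (("callback_url", callback_url, org_url),
                              ("cert_sha256", cert_fingerprint, cert_pem)):
        try:
            out[key] = check(value)
        except ValueError as exc:  # binascii.Error (bad base64) is a ValueError
            problems.append(f"{key}: {exc}")
    if not re.match(r"https://[^\s/?#]+", sso_url.strip()):
        problems.append("sso_url: must be an absolute https:// URL")
    if not entity_id.strip():
        problems.append("entity_id: empty")
    return {**out, "problems": problems}
```

Compare the returned cert_sha256 with the fingerprint your IdP displays for its signing certificate before hitting Save.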