SAML

SAML Setup Instructions

Provides the steps required to enable Single Sign-On in Sobol

Requirements

  1. You must already be a user and have access to Sobol

  2. You must be an admin

  3. You must have the following from your Identity Provider (IdP):

    1. Single Sign-On URL

    2. Entity ID

    3. X.509 Certificate

If for any reason you do not have these items, please contact support@sobol.io.

Steps

To add a new SAML connection:

  1. Log in to your instance of Sobol

  2. Once logged in, click the hamburger menu in the top-left corner of the screen

  3. Once the sidebar opens, click the Settings tab

  4. Once the modal opens, enter the following Service Provider’s information and hit Save:

    1. Name (e.g. Okta, Azure, OneLogin)

    2. SSO URL

    3. Entity ID

    4. X.509 Certificate

  6. After creation, please verify your information by hitting the Test Connection button and ensure you are redirected back into Sobol.

  7. If you are successfully redirected back into Sobol, you have a working SAML connection!

Troubleshooting Tips

  1. Sobol Account: You MUST have a Sobol account and have access to Sobol in order to set up SSO. If for any reason you do not have an account or access, please contact support@sobol.io.

  2. Org ID: Configuring SAML requires the use of your tenant’s ORG_ID. To obtain it, take note of the URL when using your instance of Sobol: https://sobol.io/d/org/[ORG_ID].

  3. SAML Endpoint: All SAML endpoints for your tenant are housed under the following URL scheme: https://sobol.io/d/saml/v2/callback?orgId=[ORG_ID]

  4. Username format: all users mapped across Sobol and Okta use their email to uniquely identify them.

  5. SP Initiated Logout: we currently do not have support for logging out via SAML.

  6. Just-In-Time Provisioning: as we support the SCIM specifications, we do not have a need for Just-In-Time provisioning. Please contact support@sobol.io for information about SCIM.

  7. Supported Sign-in Flows: In Sobol we support the following flows:

  • Identity Provider (IdP) Initiated

  • Service Provider (SP) Initiated (full support coming soon)
