SAML SSO with other configurations

Plans supporting single sign on (SSO)

Professional
Business
Enterprise






To configure Single Sign-On (SSO) between Document360 and any Identity Provider (IdP) not listed explicitly in Document360, ensure you have the necessary credentials and access to both Document360 and your chosen IdP. Please note that only users with Owner or Admin as Project role can configure SSO in Document360.

PRO TIP

It is recommended to open Document360 and your Identity Provider (IdP) in two separate tabs/browser windows, since configuring SSO in Document360 will require you to switch between Okta and Document360 multiple times.

Adding an Application in your Identity Provider

You must create a new SAML application in your Identity Provider:

  1. Log in to your Identity Provider's admin console using your credentials.

  2. Locate the section where you can create or manage applications (often labeled as Applications, Enterprise Applications, or similar).

  3. Select the option to create a new application.

  4. Configure the basic settings for the new application:

    • Application Name: Enter a name, e.g., "Document360 SSO".

    • Application Type: Select SAML 2.0 as the sign-in method.

  5. Save your application settings.

Configuring SAML in your Identity Provider

Next, you will need to configure SAML settings in your Identity Provider using parameters from Document360:

  1. Open Document360 in a separate tab or window.

  2. Navigate to Settings > Users & security > SAML/OpenID in Document360.

  3. Click the Create SSO button.

  1. Select Others as your Identity Provider (IdP) to navigate to the Configure the Service Provider (SP) page automatically.

  1. In the Configure the Service Provider (SP) page, you'll find the required parameters to configure your SAML integration in the Identity Provider.

In your Identity Provider's SAML configuration:

  • Single Sign-On URL: Enter the Callback path from Document360.

  • Entity ID: Enter the Service provider entity ID from Document360.

  • Audience URI: This is typically the Service provider entity ID or Single Sign-On URL provided by Document360.

Attribute Mapping

You may need to configure attribute statements for your Identity Provider:

Attribute Name

Value

NameID

user.email or user ID

email

user.email

name

user.name

Configure these values as required by your Identity Provider. Note that the case of attribute names may be important.

Feedback and Additional Configuration

Some Identity Providers may ask for feedback or additional information:

  1. Provide any additional configuration details as required by your Identity Provider.

  2. Review your settings and save the SAML configuration.

Document360 SSO Configuration

Finally, complete the SSO configuration in Document360:

  1. Return to the Document360 tab/window displaying the Configure the Service Provider (SP) page and click Next to navigate to the Configure the Identity Provider (IdP) page.

  2. Enter the corresponding values from your Identity Provider:

Identity Provider

Document360

Single Sign-On URL

Identity Provider Single Sign-On URL

Entity ID

Identity Provider Issuer

SAML Certificate (X.509)

SAML Certificate

  1. Download the X.509 Certificate from your Identity Provider and upload it to Document360.

  2. Toggle on/off the Allow IdP initiated sign in option based on your project requirements.

  1. Click Next to proceed to the More settings page.

More Settings

In the More settings page, configure the following:

  • SSO name: Enter a name for the SSO configuration.

  • Customize login button: Enter the text for the login button displayed to users.

  • Auto assign reader group: Toggle on/off as needed.

  • Sign out idle SSO team account: Toggle on/off based on your requirements.

  • Choose whether to invite existing team and reader accounts to SSO.

  1. Click Create to complete the SSO configuration.

The SSO configuration will now be set up in Document360 using your selected Identity Provider.