Skip to main content
Sign in
Español

What do I need to configure SSO with SAML in Embat?

  • Updated

SSO with SAML in Embat allows users to sign in only once using your organization’s Identity Provider (IdP), instead of managing separate credentials for Embat.

How does the setup process work?

The setup is a collaborative process between your team and Embat:

  1. Embat shares its connection details with you so your IT team can configure the integration on your IdP.
  2. Your team completes the configuration on your side and sends back the required data.
  3. Embat finalizes the connection on its end.

If at any point your team needs help configuring the IdP, we can arrange a session to work through it together.

 

What data does your team need from Embat to create the connection?

Share these details with your IT team to configure Embat as a SAML application in your IdP:

  • Identifier / Audience / Entity ID: https://securetoken.google.com/embat-production
  • Reply URL / Assertion Consumer Service URL / Application Callback URL:
    • https://embat-production.firebaseapp.com/__/auth/handler (default)
    • https://app.embat.io/__/auth/handler
    • If your IdP only allows one Reply URL, use the firebaseapp one.

 

What data does Embat need from your team to finalize the connection?

Once your team has configured the IdP, please share the following:

  • Which IdP are you using? (e.g. Okta, Entra ID, Auth0…)
  • What email domains do your users use, and which ones need SSO?
    • Examples: john.doe@companyname.com → domain is companyname.com
  • Issuer / Entity ID — an identifier specific to your company within your IdP.
    • Examples: https://sts.windows.net/<ID>/ or urn:companyName.auth0.com
  • Identity Provider Login URL / SSO URL — the SSO access URL specific to your IdP configuration.
    • Examples: https://login.microsoftonline.com/<ID>/saml2 or https://companyName.auth0.com/samlp/<ID>?organization=<ID>
  • Identity Provider Certificate — a file starting with -----BEGIN CERTIFICATE----- and ending with -----END CERTIFICATE-----. You can usually download it directly from your IdP.

If you have any additional questions, please contact the Product Experience team or submit a request through this link .

 

 

Related to

Related articles

Comments

0 comments

Please sign in to leave a comment.