Setting up SSO on any other IdP

The instructions in this article are general and can be used to set up SAML SSO on identity providers not covered in our IdP-specific guides.

If your organization uses any of the listed identity providers, please use the corresponding article to set up SSO instead of this article:

Important: SSO Pre-Configuration Steps. If you are planning to allow users to self-select their own groups during onboarding, you must configure the "Can users self-register" and "Email domains" settings in Invitations & Registrations for each group before activating SSO. These settings remain active and govern which groups users can self-select during the onboarding process, even with SSO enabled. If you're using SCIM, you can ignore these settings.

1. Download the metadata from Haiilo

Only a Company Admin can set up Single Sign-On on Haiilo.

  1. On your Haiilo platform, go to Administration > Settings > Single Sign-On.
  2. Select Download metadata file.

2. Set up SSO in your identity provider

  1. Start setting up a new Haiilo Service Provider application in your identity provider. The information you need for the setup (e.g., EntityID) can be found in the metadata you downloaded in the previous step.
  2. Configure claims mapping. The Haiilo Service Provider supports the following attributes in the SAML assertion:
    • EmailAddress (Required - case sensitive, cannot contain any other characters, and must include capital E and A). Note, this is not required for Entra ID.
    • FirstName (Optional)
    • LastName (Optional)
  3. Assign users to the application in your identity provider. Only the assigned will be able to log in to Haiilo.
  4. After setting up the application in your identity provider, download its metadata.

3. Finalize the SSO setup on Haiilo

  1. Go back to Haiilo > Administration > Settings > Single Sign-On.
  2. Upload the metadata by selecting Upload metadata file.
  3. Then, select Test the configuration. You will be directed to test the login. If the login flow works and you can access Haiilo, the configuration has been successful.
    • If you receive an error from Haiilo, please see the "I get an "Oops" error with SAML SSO. Why?" article.
    • If you receive an error from your identity provider, please ensure your account has been assigned to the application and you are allowed to access it.
  4. If everything works as expected, enable SAML by toggling the Enable SAML switcher.

Was this article helpful?

0 out of 0 found this helpful