Custom SAML provider

Apart from OneLogin and OKTA, it’s possible to setup a custom SAML IDP for your tenant. Here are the IDP configuration settings:

• RelayState: plusplus_saml
• Audience: https://www.plusplus.co
• ACS URL: https://{{ your_plusplus_domain_url }}/auth/complete/saml/
• Recipient: https://{{ your_plusplus_domain_url }}/auth/complete/saml/
• Signature Algorithm: SHA-1
• NameID: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
• RequestedAuthnContext Comparison: exact
• RequestedAuthnContext AuthnContextClassRef: urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport

Go to Menu > Settings > SSO & Security. Look for the “Single Sign On (SSO) Providers” section and activate “Custom SAML Provider Login”.

Then go to the “SAML Settings” section and fill the fields:

1. Issuer URL
2. SAML Endpoint
3. X.509 Certificate
4. Email Parameter Field Name
5. First Name Parameter Field Name
6. Last Name Parameter Field Name
7. Picture Parameter Field Name (optional)

Additionally you can configure the text and color of the login button through the fields:

1. Login Button Text
2. Login Button Color