Overview
By using SAML single sign-on (SSO) for authentication, you can centrally manage your team’s access to Sperta.
This feature is available for enterprise customers. You must configure your SAML identity provider (IdP) such as Okta and Entra ID. Sperta functions as a SAML service provider (SP), and configuration is also needed from our end.
SAML metadata
As a service provide (SP), Sperta provides the following metadata for your SAML configuration
| Name | Description | Example |
|---|---|---|
SP Entity ID | The unique identifier of SP |
|
SP Assertion Consumer Service (ACS) URL | URL where IdP sends SAML responses |
|
SP Single Sign-On (SSO) URL | URL where IdP begins SSO |
|
SAML configuration
First, you must configure the SAML application with your IdP using the metadata provided above. Replace acme with your workspace ID from the examples. You also need to assign your users to the SAML application.
Then, reach out to customer support and provide the following information:
- The email domains that you want to enforce single sign-on (home realm discovery). For example, if your domain is
acme.com, any team member with such an email address will be required to use single sign-on. - The sign in URL provided by your IdP.
- X509 signing certificate provided by your IdP.
After Sperta configures your SAML connection, you must invite them to the Sperta dashboard. Any user who is assigned to Sperta in your IdP will be able to accept the invite and join Sperta.