Home > Team Management > Set up Single-sign on for your organization

Set up Single-sign on for your organization

SAML-based single sign-on (SSO) gives Admins, Users and Guests within a Slido organization access to Slido through their Identity Provider (IdP) - such as Okta, Azure, OneLogin, Auth0 or others. This can only be set up by the owner of the organization.

Member provisioning for selected IdPs is also available, although it's possible to leverage our implementation of the SCIM protocol with any other IdP that adheres to SCIM standards.

💡 This feature is available in our Enterprise and Institution plans only.


In this article:


Upload your IdP's SAML metadata XML file to Slido

To get started, you need to set up your Identity Provider and acquire its SAML metadata XML file. Once you have it, you can upload it to your Slido organization.

  1. Open Organization settings
  2. Select Member SAML SSO
  3. Click Browse files to upload your IdP's SAML metadata XML file

⭐ Once uploaded, our system validates the XML file


If the file is correct, you will see the Entity ID of your IdP updated. You then may continue with the setup.


Test the configuration

Before being able to enable the configuration, you first have to test it by clicking the Test SAML Login button.

This opens a new window redirecting you to your Identity Provider in order to validate that the integration setup is correct on both sides.


Successful test

If the integration is correctly set up and the test is successfully completed you will see the following window:


Click the Got it button to be redirected back to your Organization settings to continue with the setup.


Unsuccessful test

If the integration test fails you will see the following window with error notifications:


Click the Back button to be redirected back to your Organization settings to fix the issue.

🚀 If the test fails, please double-check the uploaded XML metadata file and make sure that the Slido user setting up the integration has access to the configured SAML SSO application IdP


Enable SSO

After a successful test, you can enable the integration by clicking the Enable SSO button. 


How it works for your members:

Once enabled, your members will be able to log in to Slido using SSO. Their other log in options (such as password or Google login) will still remain available as well. The sample login screen below shows the member as still having the option to log in using either password or SAML SSO integration.

⭐ Once the user chooses to Log in with SSO, they will automatically be redirected to your Identity Provider

 

Enforce SSO

When Member SAML SSO is enabled, you may choose to enforce it by clicking the Enforce SSO button. Enforced SSO means that it is mandatory for members to log in using your Identity Provider.


How it works for your members:

If the SAML SSO is enforced, any member trying to log in will have to first go through your IdP's authentication. The member will no longer be presented with other options to log in but will be redirected straight to your IdP.

⭐ Enforcing SAML SSO requires currently connected members to re-login to the account


Exclude Organization Guests from SSO

If SAML SSO is enabled or enforced, you can still exclude guests invited to your organization from the SAML SSO authentication. In other words, this setup allows guests to authenticate using other supported options (password or Google) when logging in to your account even though SAML SSO is enabled or enforced.

This can especially be useful if they're not from your company. In such a case, simply tick Exclude guests.

 

Set up Member provisioning in selected Identity Providers

You can set up SAML SSO and provisioning for your Slido organization in the following IdP's:


 

Curious about more?