Home > Team Management > Set up Single-sign on for your organization

Set up Single-sign on for your organization

SAML-based single sign-on (SSO) gives admins, users and guests within a Slido organization access to Slido Admin through their Identity Provider (IdP) - such as Okta, Azure, OneLogin, Auth0 or others. This can only be set up by the owner of the organization.

💡 This feature is available in our Enterprise and Institution plans.


In this article:


Upload your IdP's SAML metadata XML file to Slido

To get started, you need to set up your Identity Provider and acquire its SAML metadata XML file. Once you have it, you can upload it to your Slido organization.

  1. Open Organization settings
  2. Select Admin SAML SSO
  3. Click Browse files to upload your IdP's SAML metadata XML file

⭐ Once uploaded, our system validates the XML file


If the file is correct, you will see the Entity ID of your IdP updated. You then may continue with the setup.


Test the configuration

Before being able to enable the configuration, you first have to test it by clicking the Test SAML Login button.

This opens a new window redirecting you to your Identity Provider in order to validate that the integration setup is correct on both sides.


Successful test

If the integration is correctly set up and the test is successfully completed you will see the following window:


Click the Got it button to be redirected back to Slido Admin to continue with the setup.


Unsuccessful test

If the integration test fails you will see the following window with error notifications:


Click the Back button to be redirected back to Slido Admin to fix the issue.

🚀 If the test fails, please double-check the uploaded XML metadata file and make sure that the Slido user setting up the integration has access to the configured SAML SSO application IdP


Enable SSO

After a successful test, you can enable the integration by clicking the Enable SSO button. 


How it works for your users:

Once enabled, your users will be able to log in to Slido Admin using SSO. Their other log in options (such as password or Google login) will still remain available as well. The sample login screen below shows the user as still having the option to log in using either password or SAML SSO integration.

⭐ Once the user chooses to Log in with SSO, they will automatically be redirected to your Identity Provider

 

Enforce SSO

When Admin SAML SSO is enabled, you may choose to enforce it by clicking the Enforce SSO button. Enforced SSO means that it is mandatory for users to log in using your Identity Provider.


How it works for your users:

If the SAML SSO is enforced, any user trying to log in will have to first go through your IdP's authentication. The user will no longer be presented with other options to log in but will be redirected straight to your IdP.

⭐ Enforcing SAML SSO requires currently connected users to re-login to the account


Exclude Organization Guests from SSO

If SAML SSO is enabled or enforced, you can still exclude guests invited to your organization from the SAML SSO authentication. In other words, this setup allows guests to authenticate using other supported options (password or Google) when logging in to your account even though SAML SSO is enabled or enforced.

This can especially be useful if they're not from your company. In such a case, simply tick Exclude guests.


Curious about more?