Configuring SAML

This guide is the second step for adding SSO to your Frontegg application so that users can sign in using their SAML credentials.

  1. Enable SAML in Login Box
  2. 👉 Configure SAML 👈
  3. Enable SSO for Admin Portal
  4. Configure customer identity provider

Read below to learn how to configure SSO for the SAML standard.

🚧

Before configuring SAML, enable it in the Portal.

Configure SAML in Frontegg Portal

Configure the credentials for each SSO standard you enable in the Builder.

Go to Environments ➜ [NAME OF ENVIRONMENT] ➜ Authentication ➜ SSO.

📘

For instance, go to the development environment at Environments ➜ Development ➜ Authentication ➜ SSO.


2880

📘

If you do not see SSO in the sidebar or an SSO standard is missing, enable it in the Builder.



After clicking the SAML configure button, complete the form on the following page.


2880

🚧

Remember to commit and publish your changes.


ACS URL

Enter your frontegg subdomain followed by /auth/saml/callback. For example if your frontegg workspace URL is https://acme.frontegg.com, enter as your ACS URL https://acme.frontegg.com/auth/saml/callback.

🚧

When using a custom domain:

If you've configured a custom domain on Frontegg, use that domain instead of the frontegg subdomain, and it should be as well followed by /auth/saml/callback.

SP Entity ID

Customers use this value when they configure their identity provider. We recommend you use the name of your application.

Redirect URL

If you are using the Hosted Login method, add the Redirect URL as https://[your-frontegg-domain].frontegg.com/oauth/account/saml/callback?redirectUrl=[your-application-url].

If you are using the Embedded Login method, add the Redirect URL as [your-application-url]/account/saml/callback i.e. http://localhost:3000/account/saml/callback

👍

Moving Environments

When moving a project from one environment to another, Frontegg moves the SSO environment configurations for you. For instance, if moving from development to production, Frontegg moves the development SSO configurations to production.

Next Step: Configure customer identity provider

After configuring SAML in the Frontegg Portal, make sure you enable SSO for the Admin Portal so that users can access their SAML settings in the Admin Portal.

  1. Enable SAML in Login Box
  2. Configure SAML
  3. 👉 Enable SSO for Admin Portal 👈
  4. Configure customer SAML identity provider