Overview
SAML allows users to authenticate with a central Identity Provider (IdP) and access multiple applications using those same credentials. In the context of Factors, SAML login lets users bypass creating separate logins for Factors and instead leverage their existing IdP credentials for authentication.
How to set it up
Factors supports SAML-based login with most of the Identity Providers (IdP) like Okta, Azure, OneLogin, etc. Depending on the IdP that your organization uses, you can find specific instructions on how to enable SAML login using your IdP below.
Using Okta
Login to your Okta account and navigate to "Applications".
Click "Create App Integration", create a "SAML 2.0" app, and click Next.
Give the app a name and hit "Next".
In the next step, add the "Single sign-on URL". You can find this inside your Factors project by going into Settings >> Login and Security and then enabling SAML.
Copy the "ACS URL" from your Factors project and paste it into the "Single sign-on URL" field in Okta.
Next, paste the "Identifier" in the "Audience URI (SP Entity ID)" Also, ensure the "Name ID format" is set as "EmailAddress".
Then, under "Attribute Statements", set Name as "user_email", Name format as "Basic" and Value as "user.email".
Once done, click on "Next" to go to the next step.
In the next step, select this is an internal app and then hit "Finish".
Your Factors app will now be created on Okta. To finish the setup, go to the "Sign On" tab inside the app and click on "More details".
From there, find the Sign On URL, Sign out URL, and the Signing Certificate. Copy and paste all of these into their respective fields inside your Factors project and hit "Save".
And that's it! Your project will now require all users to log in via Single Sign On using your configured Identity Provider.
