SAML 2.0 is the Single Sign-On (SSO) standard for enterprise cloud applications.
Using SAML, administrators can manage user access from a single place, and users can access different applications with a single login through an identity provider (IdP) like OneLogin, Okta, G Suite, Microsoft Outlook, or another IdP. This provides your organization with higher security and greater convenience.
Set it up by uploading a validation certificate to Insightly and copying the Insightly SAML URL to your identity provider.
This feature is not supported on mobile.
To enable SAML single sign-on in Insightly
- You'll need to have an account with an identity provider like OneLogin, Okta, Ping Identity, G Suite, or another IdP.
- Add your users to Insightly and have them complete their registration. Each email address you use here will need to match each user's email address in the other systems you're connecting to.
- In Insightly, go to System Settings > Single Sign-On.
- Check Enable SAML Sign-on.
- Copy the Sign-in page URL.
- In your identity provider's settings, set up a SAML app for Insightly.
Insightly only supports IDP-initiated SAML 2.0. We do not support SP-initiated SAML.
- Paste the Insightly sign-in page URL in the appropriate field.
- Enter an Insightly administrator's email address from your account.
- Download the IdP's public key/certificate file.
- In Insightly, go back to System Settings > Single Sign-On.
- Upload the certificate or XML metadata file. If you have both, you only need to upload one
If you upload the XML metadata file instead of the certificate, make sure that metadata has the correct certificate included. You will receive an error message otherwise.
- Check Enforce SAML Login if you want to force users to use SAML. If it's enabled but not enforced, users can continue to log in without using their SAML login.
- Click Save.
Now your users can go log in to your identity provider, access their application panel, and log right in to Insightly.