SAML Secured Login is currently available as part of a beta trial. To add SAML login to your account, please contact firstname.lastname@example.org.
SAML, or Security Assertion Markup Language, is a secure, XML-based protocol for communicating identities between organizations. Put simply, SAML allows users to log in to all their critical services using one central, secure SAML account.
By utilizing SAML, you can eliminate the need for having multiple sets of usernames and passwords for every service your team uses, offering your team members a centralized, secure system for logging in to all of their critical services. For those who have utilized a Single-Sign-On (SSO) tool in the past, think of SAML as another form of this login method. By configuring Accelo to use your SAML provider, your team can log in to their individual Accelo accounts easily through whatever service your company uses for SAML.
Using this guide, you can:
The SAML secured login protocol involves three different roles:
The user: This is the person who is attempting to log in.
The Service Provider (SP): This is the service that they're attempting to log in to, such as Accelo.
The Identity Provider (IdP): This is the service provider that grants your SAML services.
When the user wants to log in to an application like Accelo, that user will do so by logging in to his or her account with the Identity Provider. The Identity Provider will then validate the user’s identity and communicate that validity to Accelo, which will then log the user in to the system.
There are a number of different Identity Providers to choose from, including Azure Active Directory, Okta, AuthAnvil and Active Directory Federation Services, among others. Accelo supports all major SAML services.
To configure your Accelo account to use SAML secured login, you will need to provide Accelo with a few key details that will be used to connect Accelo to your SAML service provider. This information is required for all SAML service providers.
Issuer URI: The URI that identifies the issuer (IdP) of a SAML message element.
x509 Certificate: This can typically be downloaded from your Identity Provider's site after adding Accelo.
NOTE: This should be sent in .txt format.
Signon URL: When a user opens this URL, the service provider redirects to the IdP to authenticate and sign on the user.
IdP Provider: The name of the IdP you’re using: Azure Active Directory, Okta, etc.
Signout URL: Though not vital, it is still helpful to send. Without the Signout URL, the logout process only half-completes, and the SAML service will still operate under the assumption that the user is still logged in to the system.
To obtain this information, you will first need to add Accelo to your Service Provider as an authorized app. For information on how to add this app, click the link for your service provider below:
Once SAML has been configured for your Accelo account, you will notice a new button on your Accelo login screen: Login with SAML.
Simply click this button and log in to your SAML account. You will then be logged in as normal.