SAML SSO (Generic IdP)
SAML SSO Integration (Generic Identity Provider)
This guide explains how to set up Single Sign-On (SSO) in AutoRABIT with any Identity Provider (IdP) that supports SAML 2.0, such as SailPoint, Okta, Ping Identity, or others.
When you integrate AutoRABIT with a SAML 2.0 IdP, you can:
Control access to AutoRABIT through your IdP
Enable users to sign in to AutoRABIT with their IdP credentials
Manage user permissions centrally in your IdP
Prerequisites
To get started, you need the following:
An IdP that supports SAML 2.0
Administrator access to AutoRABIT and your IdP
The ability to configure a custom or non-gallery SAML application in your IdP
Step 1: Configure Your Identity Provider
Log in to your IdP management console and create a new custom SAML application. In the SAML configuration screen, use the following values:
Identifier (Entity ID): https://<your-instance-domain>/saml/metadata (Example: https://xyz.com/saml/metadata)
Reply URL (Assertion Consumer Service URL): https://<your-instance-domain>/saml/SSO (Example: https://xyz.com/saml/SSO)
Sign-on URL (optional): https://<your-instance-domain> (This is the secure login page of your AutoRABIT instance)
Once configured, locate and download the Federation Metadata XML or equivalent metadata file from your IdP.
Step 2: Configure SSO in AutoRABIT
Log in to your AutoRABIT account as an administrator.
Hover over the Admin module and select My Account.
On the My Account page, scroll down to the SSO Configuration section.
Upload the metadata XML file you downloaded from your IdP.
Save your changes and sign out of your AutoRABIT account.
Step 3: Test SSO Access
Go to the AutoRABIT login page.
Click the Single Sign-On option.
Enter your configured domain name and click Go.
You will be redirected to your Identity Provider to authenticate.
After successful authentication, you will be directed back to AutoRABIT.
Troubleshooting Tips
Ensure that the times on your IdP and AutoRABIT instance are synchronized.
The user’s email in the IdP must match the user record in AutoRABIT.
If the login fails, check the SAML response using a browser plugin like SAML-tracer or review your IdP's activity logs.
Last updated
Was this helpful?