Subscription Required: Single Sign On isn't available on all subscription plans. Contact our Support Team to learn more: Send an email to Support
Key Team Members:
In order to set up SSO, a Loopio Administrator will need to approve the change in authentication method.
You’ll need one technical contact, to spearhead your SSO implementation and work with the Loopio team. This contact will need access to make updates to your organization’s QA/UAT/Test and production environments through the Identity Provider (IdP).
You’ll also need at least one contact with a Loopio license for testing authentication in your Loopio account.
Tip: A user license can be given to your technical contact and disabled upon the completion of your SSO setup. Disabled licenses will not count towards your license limit
Loopio is compatible with third-party identity federation systems that adhere to the SAML 2.0 standard. For example (but not limited to):
Technical Details
- Certificate Strength: SHA256
- Name ID format: EmailAddress
- Response Signed: Yes
- Assertion Signature: Yes
- Signature Algorithm: RSA-SHA256
- Digest Algorithm: SHA256
- Assertion Encrypted: Yes
- Encryption Algorithm AES256-CBC
- SP or IdP Initiated: Both are supported
Setting up SSO with SAML 2.0
Reach out to our Support Team to let us know you’re ready to set up SSO with SAML 2.0.
In your message please provide:
- The Identity Provider (IdP) you are using
- Email addresses of a few Users who can test authentication
- Your QA/UAT/Sandbox metadata (or Production metadata if going straight to Production)
Tip: We recommend setting up a separate QA/UAT/Sandbox instance first. This enables us to easily test any potential setting changes and ensure production is fully functional
From there the following steps will be taken:
- The Loopio Technical Contact and your Technical Contact will exchange QA/UAT/sandbox metadata
- The Loopio Technical Contact will configure SSO in a Loopio QA environment and notify you when we are ready to begin testing
- Once you receive the notification from the Loopio Technical Contact, test your SSO connection in the QA/UAT/Sandbox environment:
-
Go to your company’s Loopio QA URL (provided by the Loopio Technical Contact)
- You’ll be redirected back to your IdP (Identity Provider)
- Log in to the IdP
-
Click at least 3 pages in Loopio
- For example, Projects, Reviews, Library
- Once we’ve confirmed that SSO is functional, the Loopio Technical Contact and your Technical Contact will exchange production metadata to set up SSO in production
If your team is already logging into Loopio via username and password, we’ll coordinate a time to switch authentication to SSO for your account to avoid any service interruptions for your team members. If your team is not using Loopio yet, we will set authentication to SSO for your account.
Note: Email addresses in Loopio must match the email addresses in the IdP and the the User must be granted access to Loopio in the IdP