> ## Documentation Index
> Fetch the complete documentation index at: https://docs.getstrada.com/llms.txt
> Use this file to discover all available pages before exploring further.

# SSO with Other Identity Providers

> Configure Single Sign-On using any SAML 2.0 compatible identity provider

<Note>
  **Contact Strada Administrator Required**

  To set up SSO with your identity provider, please contact your Strada administrator. Our team will provide you with the necessary SAML configuration URLs and guide you through the setup process.
</Note>

## Overview

Strada supports Single Sign-On (SSO) through most SAML 2.0 compatible identity providers. If you're using an identity provider other than Okta, Google Workspace, or Microsoft Entra, this guide will help you understand the general setup process.

**Supported Identity Providers include:**

* Any SAML 2.0 compatible IdP
* Azure Active Directory
* OneLogin
* Ping Identity
* Auth0
* JumpCloud
* And many more...

***

## Prerequisites

Before configuring SSO, ensure you have:

* Admin access to your identity provider
* Contact with your Strada administrator
* SAML 2.0 support enabled in your IdP

***

## General Setup Process

### Step 1: Contact Strada Administrator

Reach out to your Strada administrator to begin the SSO setup process. They will provide you with:

1. **ACS URL** (Assertion Consumer Service URL) - Also called SP SSO URL
2. **Audience URI** (Entity ID) - Also called SP Entity ID

Keep these URLs handy for configuring your identity provider.

***

### Step 2: Configure Your Identity Provider

Create a new SAML 2.0 application in your identity provider with the following configuration:

#### Basic SAML Settings

**Single Sign-On URL / ACS URL:**

```
[URL provided by Strada administrator]
```

**Audience URI / Entity ID / SP Entity ID:**

```
[URL provided by Strada administrator]
```

**Name ID Format:** `EmailAddress` or `Email`

**Name ID / Application Username:** User's email address

#### Attribute Mapping

Configure your identity provider to send the following attributes:

| Attribute Name | Description                                       | Required |
| -------------- | ------------------------------------------------- | -------- |
| email          | User's email address                              | Yes      |
| firstName      | User's first name                                 | Yes      |
| lastName       | User's last name                                  | Yes      |
| id             | Unique user identifier (optional but recommended) | No       |

**Example attribute mapping:**

* **email** → User's email address
* **firstName** → User's first name
* **lastName** → User's last name
* **id** → User's unique ID in your IdP

<Note>
  The exact attribute names and mapping may vary by identity provider. Your Strada administrator can provide
  specific guidance for your IdP.
</Note>

***

### Step 3: Obtain IdP Metadata

After configuring your application, you'll need to provide metadata from your identity provider to Strada. Your IdP will provide this information in one of two formats:

#### Option A: Metadata URL (Preferred)

Most modern identity providers offer a metadata URL that automatically updates. This is the preferred method.

**What to provide:**

* The complete metadata URL from your IdP
* Example format: `https://your-idp.com/app/xxxxx/sso/saml/metadata`

#### Option B: Manual Configuration

If your IdP doesn't provide a metadata URL, you'll need to manually copy the following three values:

1. **IdP SSO URL** - The URL where authentication requests are sent
2. **IdP Entity ID** - Your identity provider's unique identifier
3. **X.509 Certificate** - The public certificate used to verify SAML responses

***

### Step 4: Send Information to Strada

Share the following information with your Strada administrator:

**If using Metadata URL:**

* Metadata URL
* Organization name

**If using manual configuration:**

* IdP SSO URL
* IdP Entity ID
* X.509 Certificate (copy the entire certificate including BEGIN/END lines)
* Organization name

Strada will complete the SSO configuration on their end and notify you when it's ready for testing.

***

### Step 5: Assign Users

In your identity provider:

1. Navigate to the user/group assignment section for your Strada application
2. Assign the users or groups who should have access to Strada
3. Save your changes

User assignment processes vary by identity provider. Refer to your IdP's documentation for specific instructions.

***

### Step 6: Test SSO Connection

Once Strada confirms the configuration is complete:

1. Navigate to your Strada login page
2. Click **Sign in with SSO**
3. You should be redirected to your identity provider for authentication
4. After successful authentication, you'll be redirected back to Strada

If you encounter any issues during login, contact your Strada administrator.