Contact Strada Administrator RequiredTo set up SSO with your identity provider, please contact your Strada administrator. Our team will provide you with the necessary SAML configuration URLs and guide you through the setup process.
Overview
Strada supports Single Sign-On (SSO) through most SAML 2.0 compatible identity providers. If you’re using an identity provider other than Okta, Google Workspace, or Microsoft Entra, this guide will help you understand the general setup process. Supported Identity Providers include:- Any SAML 2.0 compatible IdP
- Azure Active Directory
- OneLogin
- Ping Identity
- Auth0
- JumpCloud
- And many more…
Prerequisites
Before configuring SSO, ensure you have:- Admin access to your identity provider
- Contact with your Strada administrator
- SAML 2.0 support enabled in your IdP
General Setup Process
Step 1: Contact Strada Administrator
Reach out to your Strada administrator to begin the SSO setup process. They will provide you with:- ACS URL (Assertion Consumer Service URL) - Also called SP SSO URL
- Audience URI (Entity ID) - Also called SP Entity ID
Step 2: Configure Your Identity Provider
Create a new SAML 2.0 application in your identity provider with the following configuration:Basic SAML Settings
Single Sign-On URL / ACS URL:EmailAddress or Email
Name ID / Application Username: User’s email address
Attribute Mapping
Configure your identity provider to send the following attributes:| Attribute Name | Description | Required |
|---|---|---|
| User’s email address | Yes | |
| firstName | User’s first name | Yes |
| lastName | User’s last name | Yes |
| id | Unique user identifier (optional but recommended) | No |
- email → User’s email address
- firstName → User’s first name
- lastName → User’s last name
- id → User’s unique ID in your IdP
The exact attribute names and mapping may vary by identity provider. Your Strada administrator can provide
specific guidance for your IdP.
Step 3: Obtain IdP Metadata
After configuring your application, you’ll need to provide metadata from your identity provider to Strada. Your IdP will provide this information in one of two formats:Option A: Metadata URL (Preferred)
Most modern identity providers offer a metadata URL that automatically updates. This is the preferred method. What to provide:- The complete metadata URL from your IdP
- Example format:
https://your-idp.com/app/xxxxx/sso/saml/metadata
Option B: Manual Configuration
If your IdP doesn’t provide a metadata URL, you’ll need to manually copy the following three values:- IdP SSO URL - The URL where authentication requests are sent
- IdP Entity ID - Your identity provider’s unique identifier
- X.509 Certificate - The public certificate used to verify SAML responses
Step 4: Send Information to Strada
Share the following information with your Strada administrator: If using Metadata URL:- Metadata URL
- Organization name
- IdP SSO URL
- IdP Entity ID
- X.509 Certificate (copy the entire certificate including BEGIN/END lines)
- Organization name
Step 5: Assign Users
In your identity provider:- Navigate to the user/group assignment section for your Strada application
- Assign the users or groups who should have access to Strada
- Save your changes
Step 6: Test SSO Connection
Once Strada confirms the configuration is complete:- Navigate to your Strada login page
- Click Sign in with SSO
- You should be redirected to your identity provider for authentication
- After successful authentication, you’ll be redirected back to Strada