Our URL redirect service enables you to use your own Identity Provider (IdP) to authenticate your users with our SAML single sign-on (SSO) integration. The following steps will get you up and running.

Most SSO providers only need two pieces of information to work with our URL redirect service. In the example above, a Google Workspaces SAML application is configured as an Identity Provider for urllo SSO access.

The following values should be used in your configuration:

https://dashboard.easyredir.com/profile/saml/auth

https://dashboard.easyredir.com/profile/saml/metadata

We provide two convenient methods to add your SSO provider; file upload or manual entry. Most common SSO providers such as Google and Microsoft Azure, provide an XML Metadata file for download with all the settings needed by our URL redirect service to configure your provider in our system. This includes the entity ID and the certificate.

To upload your metadata file, browse your system and locate the downloaded file then click “Save New Provider”. Once created, you will be able to edit any of the saved values.

If you would like to configure your provider manually or if your provider offers SAML support but does not provide a metadata file, you can click “Configure Metadata Manually” and complete all of the required information outlined below.

The key pieces of information required from your provider are the Entity ID, Sign-in target URL, and your certificate fingerprint.

This uniquely identifies the provider being used. This value should be retrieved from your SSO provider. For Google Workspaces SAML apps, this value may be something like https://accounts.google.com/o/saml2?idpid=[ID].

This value determines where your users should be redirected to when performing authentication using your SSO provider. This value should be retrieved from your provider. For Google Workspaces SAML apps, this value may be something like https://accounts.google.com/o/saml2/idp?idpid=[ID].

Once created, you will be able to view and edit all of the settings for your provider. When you have completed the configuration, you must verify your provider before it can be enabled. This will initiate a login with your provider and once successful, will return you to your dashboardf and your SSO provider will be verified.

At this point, your setup is complete but users will still require logging in with email and password until you enable your SSO Provider. This is a convenient way for you to enable or disable the use of your provider at any time. To ensure you are not locked out of your account, changes to critical information cannot be made while your provider is enabled.

Depending on your SSO configuration through your SSO provider, you may need to add and verify your domain in your dashboard in order for SAML SSO to be the only option for a user to login.

When enabled, users within your organization should be able to initiate a login through your Identity Provider but will not be able to login directly from your dashboard until you add and verify your domain.

When you add a domain, you will be asked to select a common administrative email address to send the verification email to. This ensures that someone with control over your domain receives and verifies that the domain should be used for authentication within your dashboard. If you do not have access to any of these email addresses within your organization, you will need to contact an administrator who does and have them complete the verification process.

The recipient at the selected address will receive one click instructions to verify your domain. Once verified, users will be able to login using your Identity Provider through your dashboard.

If you have any questions about this process or need further help setting up SSO, don't hesitate to reach out to us for assistance. We're happy to help.