What's in it for you
You can activate Single Sign-On (SSO) in Showpad and delegate authentication to an external Identity Provider (IdP). If you can't find your Identity Provider in our guide, you can use this article to see a general approach on how SSO works with Showpad.
Note: The SHA-256 Hash Algorithm is the recommended setting for all SSO integrations.
- Use your company’s identity provider to authenticate users in Showpad
- Seamlessly integrate Showpad into your enterprise security policies
- Auto-provision & assign users to the right groups in Showpad
- Reduce password-related support requests
- Reduce security threats to sensitive data loss by severing access
- Centralized user, password and authorization management
You need this to succeed
- Plus or Ultimate pricing plan on Showpad
- Administrator access on both Showpad's Online Platform and the Identity Provider
- An Identity Provider (IdP) service
- Some SAML and HTTP-REDIRECT binding knowledge can be useful
- We highly recommend using HTTPS in all communication
- Users on the iOS platform will need iOS version 10.1 or higher if you still use HTTP communication
- SAML metadata in the Showpad configuration has to include the HTTP-REDIRECT binding
The quick way to awesomeness
- Sign up for an Identity Provider (IdP) and obtain its metadata
- Create your users and groups on the IdP
- Enable SSO in Showpad
- Set up your SAML-based relation between the IdP service and Showpad
- Define the mapping between the IdP users and the Showpad users
- Set up auto-provisioning
Do this step by step
- Sign up for an Identity Provider.
- Create your users and groups on the IdP.
- To be able to link your Single Sign-On (SSO) Identity Provider to Showpad, you will need your Identity Provider's metadata in the standard XML format. This XML file will be different for each IdP as each has its own entityID, public key, and Assertion Consumer Service (ASC) endpoints.
Below is an example of a valid XML metadata file.
- Enable SSO on Showpad's Online Platform. Go to Admin Settings, Single Sign-On, Enable.
- Enter a name and select XML as your metadata source. Simply copy and paste the XML metadata from the file you created or the information you received from your IdP.
If you have an online location for this metadata, you can provide the URL to the XML file. This allows you to update your settings online instead of uploading updated XML metadata when the configuration changes.
It is possible to enable to log out from the IdP when logging out of Showpad.
- By default, we will use the recommended SHA-256 hash algorithm, but Showpad supports the older SHA-1 format as well.
- You can also set up auto-provisioning to automatically allow new users to be created when they log in successfully for the first time.
Map the corresponding fields for your users, available in your IdP. For example, the Email Field in Showpad will be mapped to the field email of the IdP.
There are two types of roles you can enter in the Role Field:
Admin will give administrator rights after the first login.
Standard will create a regular user in Showpad.
The Group Assignment Field will automatically add the user in selected groups. You can separate the groups with commas.