General approach for SSO and Showpad Updated March 22, 2023 09:24 You can activate Single Sign-On (SSO) in Showpad and delegate authentication to an external Identity Provider (IdP). If you can't find your Identity Provider in our guide, you can use this article to see a general approach on how SSO works with Showpad. Note: The SHA-256 Hash Algorithm is the recommended setting for all SSO integrations. Key features Use your company’s identity provider to authenticate users in Showpad Seamlessly integrate Showpad into your enterprise security policies Auto-provision & assign users to the right groups in Showpad Reduce password-related support requests Reduce security threats to sensitive data loss by severing access Centralized user, password and authorization management You need this to succeed Platform Enterprise on Showpad Available as an addon on Showpad Plus pricing plan Administrator access on both Showpad's Online Platform and the Identity Provider An Identity Provider (IdP) service Some SAML and HTTP-REDIRECT binding knowledge can be useful We highly recommend using HTTPS in all communication Users on the iOS platform will need iOS version 10.1 or higher if you still use HTTP communication SAML metadata in the Showpad configuration has to include the HTTP-REDIRECT binding The quick way to awesomeness Sign up for an Identity Provider (IdP) and obtain its metadata Create your users and groups on the IdP Enable SSO in Showpad Set up your SAML-based relation between the IdP service and Showpad Define the mapping between the IdP users and the Showpad users Set up auto-provisioning Do this step by step Sign up for an Identity Provider. Create your users and groups on the IdP. To be able to link your Single Sign-On (SSO) Identity Provider to Showpad, you will need your Identity Provider's metadata in the standard XML format. This XML file will be different for each IdP as each has its own entityID, public key, and Assertion Consumer Service (ASC) endpoints. Below is an example of a valid XML metadata file. Enable SSO on Showpad's Online Platform. Go to Admin Settings, Sign-On, Add Configuration. Select SAML 2.0 if that's the service you're using. Enter a name and select XML as your metadata source. Simply copy and paste the XML metadata from the file you created or the information you received from your IdP. If you have an online location for this metadata, you can provide the URL to the XML file. This allows you to update your settings online instead of uploading updated XML metadata when the configuration changes.It is possible to enable to log out from the IdP when logging out of Showpad. By default, we will use the recommended SHA-256 hash algorithm, but Showpad supports the older SHA-1 format as well. You can also set up auto-provisioning to automatically allow new users to be created when they log in successfully for the first time.Map the corresponding fields for your users, available in your IdP. For example, the Email Field in Showpad will be mapped to the field email of the IdP.There are two types of roles you can enter in the Role Field: - Admin will give administrator rights after the first login. - Standard will create a regular user in Showpad.The Group Assignment Field will automatically add the user in selected groups. You can separate the groups with commas.Content license type and Coach license type will be available fields when Partner licenses are enabled for the corresponding offering. If this field is left blank, the user will not get a license. You can click the information icon once the connection is configured to get your Showpad entity ID, ACS endpoint, and logout URL. Related articles Guide to using SSO and Showpad Using Azure AD for SSO with Showpad Using Okta for SSO with Showpad Using Google for authentication with Showpad Give users more permissions as Promoted Members