Generic SAML 2.0 Setup
Configure SSO with any SAML 2.0 compatible identity provider
Overview#
If your identity provider is not listed in our specific guides, you can use this generic SAML 2.0 setup guide. Most enterprise identity providers support SAML 2.0.
Service Provider Information#
Configure ViksaAI as a Service Provider in your IdP using these values:
| Field | Value |
|---|---|
| SP Entity ID | https://viksaai.com/saml/metadata |
| ACS URL | https://api.viksaai.com/auth/auth/sso/saml/callback |
| Name ID Format | urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress |
| Binding | HTTP-POST |
| Metadata URL | https://api.viksaai.com/auth/auth/sso/saml/metadata |
Required from Your IdP#
You will need the following information from your identity provider:
IdP Entity ID/Issuer
The unique identifier for your identity provider
IdP SSO URL
The login URL where users are redirected (HTTP-Redirect binding)
X.509 Certificate
The public certificate for signature verification (PEM format)
Required Attributes#
Configure your IdP to send these attributes in the SAML assertion:
| Attribute | Required | Description |
|---|---|---|
email | Yes | User's email address |
first_name | Recommended | User's first name |
last_name | Recommended | User's last name |
groups | Optional | Group memberships for role mapping |
Configuration Steps#
- 1
Create SAML application in your IdP
Use the SP information above to configure ViksaAI as a service provider. - 2
Configure attribute mappings in your IdP
Map user attributes to the names listed above. - 3
Copy IdP metadata
Get the Entity ID, SSO URL, and certificate from your IdP. - 4
Configure ViksaAI
Go to Settings → SSO and enter your IdP information. - 5
Verify domain and enable
Complete domain verification, test the connection, and enable SSO.