ViksaAIDocs
Start now

Generic SAML 2.0 Setup

Configure SSO with any SAML 2.0 compatible identity provider

Overview#

If your identity provider is not listed in our specific guides, you can use this generic SAML 2.0 setup guide. Most enterprise identity providers support SAML 2.0.

Service Provider Information#

Configure ViksaAI as a Service Provider in your IdP using these values:

FieldValue
SP Entity ID
https://viksaai.com/saml/metadata
ACS URL
https://api.viksaai.com/auth/auth/sso/saml/callback
Name ID Format
urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
Binding
HTTP-POST
Metadata URL
https://api.viksaai.com/auth/auth/sso/saml/metadata

Required from Your IdP#

You will need the following information from your identity provider:

IdP Entity ID/Issuer

The unique identifier for your identity provider

IdP SSO URL

The login URL where users are redirected (HTTP-Redirect binding)

X.509 Certificate

The public certificate for signature verification (PEM format)

Required Attributes#

Configure your IdP to send these attributes in the SAML assertion:

AttributeRequiredDescription
email
YesUser's email address
first_name
RecommendedUser's first name
last_name
RecommendedUser's last name
groups
OptionalGroup memberships for role mapping

Configuration Steps#

  1. 1

    Create SAML application in your IdP

    Use the SP information above to configure ViksaAI as a service provider.
  2. 2

    Configure attribute mappings in your IdP

    Map user attributes to the names listed above.
  3. 3

    Copy IdP metadata

    Get the Entity ID, SSO URL, and certificate from your IdP.
  4. 4

    Configure ViksaAI

    Go to Settings → SSO and enter your IdP information.
  5. 5

    Verify domain and enable

    Complete domain verification, test the connection, and enable SSO.

Troubleshooting#