SAML SSO works by transferring the user’s identity from one place, that is the identity provider, to another, that is the service provider.
- A user authenticates by attempting to log into Hushly using SAML SSO.
- Hushly redirects the user to the Single Sign-On page.
- The user enters his Organization Name/Domain.
- He is then redirected to the login page of the identity provider, such as Okta.
- The user enters the credentials.
- The identity provider validates the user.
- The identity provider redirects the user to Hushly’s consumer assertion URL and passes a SAML assertion authorizing the user.
- The identity provider sends user attributes like email address, first name, and last name are sent along with the assertion to Hushly.
- Hushly verifies the identity provider’s certificate and grants access to the user.
SAML usually includes three entities:
A user | The person who requests the service. |
A service provider | The application that provides the service or protects the resource. |
An identity provider | The service or repository that manages the user information. |
You can configure Hushly to act as a service provider in this mechanism. You can use your own SAML server to act as an identity provider or a third-party application such as OneLogin or Okta.
A quick guide to configuring SAML 2.0 SSO on Hushly:
- From the Left Nav Menu, click Setup > Security.
The Security Configuration page launches with the single-sign-on option. By default, the option is disabled
- From the Security Configuration page, toggle the single sign-on switch to Yes.
- The Security Configuration page shows the following details.
- Click the Login Link. The Single-Sign-On dialog box opens with the domain details prepopulated from your Hushly account. You may want to verify whether the single-sign-on is launching your company’s SSO page.
Note: You can optionally bookmark this page to log into your firm’s network and Hushly. - Enter the SAML entity ID.
- Enter the SAML SSO URL.
- Enter the logout URL.
- Copy and paste the security certificate. The certificate is used for encryption and validation of assertion between your identity provider and Hushly.
Alternatively, you can upload a self-signed certificate with .cer or .crt file extensions by clicking Upload Certificate. - Click Save.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article