Enterprise SSO

SAML-based authentication for larger companies

This feature is currently available to orgs who have purchased $2000 USD or more in DeviceCloud credits.

Single sign-on solutions (such as OKTA) allow organisations to centrally manage user access to DeviceCloud.

We support the following identity providers:

  • Okta, Auth0

  • Google Workspaces (formerly known as GSuite)

  • Microsoft Active Directory, Azure Active Directory, Microsoft Entra

  • PingIdentity

  • OneLogin

Using a provider that is not on the list? Contact us and we'd be happy to help setup the integration.

Integration Steps

These steps have been written with OKTA in mind, but are applicable to other identity providers too.

  1. Create a new application with SAML in OKTA

Select SAML 2.0 when creating a new app
  1. Populate the SAML fields using the below values.

key
value

Single sign-on URL (ACS URL)

https://cloud.devicecloud.dev/auth/v1/sso/saml/acs

Audience URI (SP Entity ID)

https://cloud.devicecloud.dev/auth/v1/sso/saml/metadata

Default Relay State

https://cloud.devicecloud.dev/

  1. Ensure the application username is set to EMAIL

  2. Ensure the Name ID Format is set also to EMAIL

  3. Generate your metadata URL (or XML file for some providers)

  4. Send the following to [email protected] from an email address registered with DeviceCloud:

    1. your metadata URL (or XML)

    2. the email domain(s) you wish to protect

  5. Our support team will then verify you have purchased the required amount of credits and enforce SSO for the requested domains.

  6. Once activated, DeviceCloud supports Service Provider initiated login via SSO using the SSO button on the DeviceCloud login screen:

Last updated

Was this helpful?