Single Sign On (SSO)
Definitions
- Identity Provider (IdP) - This is your Identity Provider (Google, Okta, Azure AD).
- Service Provider (SP) - This is PagerTree.
SAML Required Attributes
- Version - 2.0
- Assertion Consumer URL (ACS) -
https://app.pagertree.com/public/saml/callback?sp_entity_id=<sp-entity-id> - NameIDPolicy - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
- Encryption - false
- Enable "advanced mode".
- Navigate to the Idp Configs page.
- Click New SSO Config button.
- In the new Idp Config form:
- Copy the metadata xml (or metadata url) from your IdP to the PagerTree
- Configure your IdP with the provided SP (PagerTree) information.
- Service Provider (PagerTree) Entity ID - Sometimes called the "audience" by the IdP.
- Service Provider (PagerTree) Assertion Consumer Service (ACS) URL
- Service Provider (PagerTree) Single Logout Service (SLO) URL
- Click Enable Button
Members of your account will now be required to sign-in using SSO via the Single Sign-On login page
Configuring PagerTree with SSO
-
Enable "advanced mode".
-
Navigate to the Idp Configs page.
-
Click New SSO Config button.
New SSO Config Button
-
In the new Idp Config form:
-
Copy the metadata xml (or metadata url) from your IdP to the PagerTree.
SSO Config Form
-
-
Configure your IdP with the provided SP (PagerTree) information.
-
Service Provider (PagerTree) Entity ID - Sometimes called the "audience" by the IdP.
-
Service Provider (PagerTree) Assertion Consumer Service (ACS) URL
-
Service Provider (PagerTree) Single Logout Service (SLO) URL
Identity Provider (IdP) Data
-
-
Click Enable Button.
Enable SSO Config Button
Members of your account will now be required to sign-in using SSO via the Single Sign-On login page
Troubleshooting
If you are running into an issue with Azure (Entra) stating "Invalid Idp Response: Invalid Audience", this stems from Microsoft adding an extra "spn:" prefix to the Entity ID. Please email the PagerTree support team to resolve this issue.