SSO - SAML
Last updated
Was this helpful?
Last updated
Was this helpful?
IdP initiated login is not supported yet due to a limitation with our auth provider so you'll need to use the . A workaround could be to add the SAML login page as a web link to your SSO portal.
Track the request to add IdP initiated login on our .
Configuring single sign using SAML integrates IcePanel with your organizations identity provider. This allows users in your organization to securely and easily sign in to IcePanel without the need to manage additional credentials.
Instructions can vary based on your SAML identity provider. See examples for below.
Create a new SAML application in your identity provider with the following info.
ACS URL / Reply URL - https://app.icepanel.io/__/auth/handler
Entity ID / Identifier - icepanel.io
Then fill out our with the requested information from your app. Once that's submitted, it can take up to 1 business day for us to configure it. We'll be in touch shortly to confirm and check everything is working.
Note: IdP initiated login is not supported yet so you'll need to use the .
Once you've configured a SAML app with us you can globally secure access to share links with SSO.
In organization management you can set one or more domains that can access your share links securely. The example below will restrict all share link access to users who authenticate with @icepanel.io email addresses.
Users will now be redirected to your SAML authentication flow before gaining access to a share link. They will not be required to create an IcePanel account, so these users will not count toward your plan seat count in any way.
We support all identity providers that support SAML 2.0.
Click Add app / Add custom SAML app.
Set the ACS URL field to https://app.icepanel.io/__/auth/handler.
Set the Entity ID field to icepanel.io.
Set the Name ID format field to EMAIL and the Name ID field to Primary email.
Click the User access section and check the toggle for ON for everyone.
Done, now wait for us to let you know it's all setup on our end.
Click Enterprise applications from the left sidebar.
Click New application and pick the Non-gallery application type.
Click Single sign-on in the left sidebar and choose the SAML method.
Click the edit pencil in the Basic SAML configuration.
Set the Identifier (Entity ID) field to icepanel.io.
Set the Reply URL (Assertion Consumer Service URL) field to https://app.icepanel.io/__/auth/handler.
Click Users and groups in the left sidebar and add the users or groups that need access to IcePanel.
Done, now wait for us to let you know it's all setup on our end.
First navigate to Admin > Applications on the Okta portal.
Click Add New App and select SAML 2.0.
Set the Single sign on URL field to https://app.icepanel.io/__/auth/handler.
Set the Audience URI (SP Entity ID)to icepanel.io.
Set the Name ID format to email address and the Application usernameto email.
Click View setup instructions get the necessary information.
Make sure the required users or groups have permission to access to the Okta app.
Done, now wait for us to let you know it's all setup on our end.
First navigate to Apps / Web and mobile apps on the .
Fill in the app name as IcePanel and upload the .
Copy the values from the SSO URL, Entity ID and Certificate fields into our .
First navigate to Entra ID on the .
Fill in the app name as IcePanel and upload the .
Copy the Certificate (Base64), Login URL and Azure AD Identifier fields into our .
Copy the values from the SSO URL, Identity Provider Issuer (Entity ID) and Certificate fields into our .
