This section describes how you can enable SAML Single Sign-On (SSO) for your ConfigCat environment.
SAML SSO allows your team members to sign up and log in to ConfigCat via their company accounts using your own Identity Provider (IdP).
- Verified domain
In order to configure SAML, you have to verify the ownership of the domain that your company uses for email addresses. This step is required, because at the beginning of the login process, we use the user's email domain to select the appropriate SAML Identity Provider.
- Identity Provider that supports SAML 2.0
Configure a SAML Identity Provider
We tested and validated the following SAML Identity Providers:
Other Identity Providers might also work with ConfigCat, if they support the SAML 2.0 protocol.
Supported SAML flows
- Identity Provider initiated SSO
- Service Provider initiated SSO
These are the Identity Provider configuration requirements for ConfigCat:
- Name ID: ConfigCat only supports the email address in the
- Signature algorithm: ConfigCat only supports the