SAML/SSO
Cycle let's you configure single sign-on based on Google IDP or your own IDP provider through SAML
Last updated
Was this helpful?
Cycle let's you configure single sign-on based on Google IDP or your own IDP provider through SAML
Last updated
Was this helpful?
Simply use the Google SSO buttons to login/signup.
Create a new "app" in your SSO platform following their documentation, and name the app "Cycle App - <your team name>". Or if you only have a single team, you can also name the app "Cycle App".
Note: Any users you give access to this app in your SSO platform, will be able to log in to Cycle App and automatically access the team you created above.
Use any placeholder values in your SSO platform for the following values (we'll come back to fill these in later):
SP Single Sign-On URL (also called Reply URL or Assertion Consumer Service URL in some SSO platforms)
SP Entity ID (also called Audience URI in some SSO platforms)
Use the image as your SSO app's logo, to make it easy for your users to identify the app in your SSO portal.
Enable Response Assertion signing in your SSO app. It's usually found under "Advanced" settings and often enabled by default.
Once you've created the app, your SSO platform should give you the following information:
IdP Single Sign-On URL (also called Identity Provider Single Sign-On URL or Login URL in some SSO platforms)
IdP Entity ID (also called Identity Provider Issuer or AD Identifier in some SSO platforms)
IdP Certificate (also called Identify Provider X.509 Certificate or Token singing certificate in some SSO platforms) - in base64 format (should start with -----BEGIN CERTIFICATE----- and end with -----END CERTIFICATE-----.
We'll now continue the setup in Cycle App.
Visit the "Privacy" page in the Settings and click on "Configure SSO".
Click on "Setup New Identity Provider".
Enter the values you received from your SSO platform in Step 1 above, into the corresponding fields in Cycle App.
Click on "Create"
Cycle App will now give you the actual values to use in your SSO platform, for the fields you used placeholder values for in Step 2.
We'll now finalise the setup in your SSO platform.
Copy-paste the "Service Provider Entity ID" that you see in Cycle App, into the SP Entity ID field in your SSO platform (also called Audience URI in some SSO platforms).
Copy-paste the "Assertion Consumer Service URL" that you see in Cycle App, into the SP Single Sign-On URL (also called Reply URL in some SSO platforms).
And that's it for one-time setup.
When a user you've authorized Cycle App access for on your SSO platform, logs in for the first time into Cycle App, we will automatically create a new user account for them and add their account to your Cycle App team. So you don't have to explicitly provision users in Cycle App each time.
