10to8 offers you the ability to enable SSO (single sign-on) for your account users. This allows all users to log in to 10to8 using their company credentials. 10to8 SSO is based on SAML 2.0.
SSO is a specialist add-on feature, available only to those with an Enterprise/Bespoke plan. SSO is not included within these plans as standard, so you will need to discuss its implementation with our sales team and/or your account manager.
This guide explains how to set up SSO with 10to8.
How Does 10to8's SSO Work?
When you use 10to8's SSO, 10to8 acts as the service provider (SP) and offers automatic user provisioning. This means that your account users do not need to register as users within 10to8 in order to access it.
Once 10to8 receives a SAML response from the identity provider (IdP), it checks whether this user exists.
If the user does not exist, 10to8 can create a user based on the attributes provided and link that user to your organization with appropriate permissions.
How to Set Up SSO
To set up SSO, follow the steps below.
1. Configure your IdP:
- Set the unique identifier NameID as their email address.
- Make sure to provide their name and email, as these are required attributes.
- departmentNumber is an optional attribute, which maps the user to the correct 10to8 account when there are multiple accounts.
2. Once configured, please provide us with the following details:
- Sign-in page URL
- Sign-out page URL
- Issuer: <ID of EntityDescriptor>
- Metadata XML file
10to8 Service Provider Details
Below are the necessary 10to8 SP details.
- Entity ID & 10to8's SAML metadata file: https://10to8.com/saml2/metadata/
- Reply URL (ACS URL): https://10to8.com/saml2/acs/
- 10to8 login URL: https://10to8.com/login/ (there is no separate/unique login URL for SSO. Passwords are optional for SSO login)
Need More Help?
We hope you've found this guide useful. If you need any further help, don't hesitate to reach out to our support team for assistance!