SAML/SSO Integration

SAML is a standard that enables the secure communication of identities between organizations. Re:amaze is a SAML Service Provider that accepts identities provided by a SAML Identity Provider (IdP), which allows Single Sign-On (SSO) for organizations that have a SAML IdP.

This allows you to control sign-on policies for your staff users with a third party like Okta, OneLogin, Azure AD, Google G Suite, or other SAML Identity Providers. Re:amaze supports IdPs that provide email-formatted identifiers.

We've listed the instructions to connect Re:amaze to G Suite SAML as an example, but the process should be similar for other providers.

To Connect Re:amaze to G Suite SAML

  1. Go to your Google Admin console (at admin.google.com).
  2. Go to SAML Apps. You'll need certain administrative permissions in order to access this.
  3. Click the plus (+) icon in the bottom corner.
  4. Click Set up my own custom app.
  5. The Google IDP Information window opens and the Single Sign-On URL and the Entity ID URL fields automatically populate.
  6. Copy the Single Sign-On URL and paste it into Re:amaze under Settings > SAML/SSO.
  7. Download the X.509 Certificate, open it in a text editor, and paste it into the corresponding field under Settings > SAML/SSO.
  8. In the Service Provider Details window, add the ACS URL, an Entity ID, and a start URL. The ACS URL, the Entity ID, and the start URL information are all provided in Re:amaze under the same Settings > SAML/SSO page.
  9. Click Finish.

You should now have SAML login with G Suite enabled. Make sure to allow all Google domain users to access this newly added SAML custom app.
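
The certificate pasted in step 7 is what the Service Provider trusts to validate SAML responses, so it is worth checking the text before you save it. The following is an added example (not Re:amaze or Google code): it confirms the pasted text is one intact PEM certificate, prints a SHA-256 fingerprint you can compare with the one your IdP displays (if it shows one), and reads the validity dates so an expired signing certificate is caught early. The function names are hypothetical, only the Python standard library is used, and the certificate's signature is not verified.

```python
# Added example (not Re:amaze or Google code); function names are hypothetical.
import base64, hashlib, re
from datetime import datetime, timezone

PEM_RE = re.compile(r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)

def tlv(buf, pos):
    """Read one DER element at pos; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("DER element runs past the data (truncated paste?)")
    return tag, pos, pos + length

def der_time(buf, pos):
    """Decode the UTCTime (0x17) or GeneralizedTime (0x18) at pos; return (time, next_pos)."""
    tag, start, end = tlv(buf, pos)
    # Python's %y pivots at 1969 rather than RFC 5280's 1950; same result for current certs.
    fmt = "%y%m%d%H%M%SZ" if tag == 0x17 else "%Y%m%d%H%M%SZ"
    when = datetime.strptime(buf[start:end].decode("ascii"), fmt)
    return when.replace(tzinfo=timezone.utc), end

def inspect_idp_cert(pasted, now=None):
    """Check pasted PEM text; return its SHA-256 fingerprint and validity window."""
    blocks = PEM_RE.findall(pasted)
    if len(blocks) != 1:
        raise ValueError(f"expected one CERTIFICATE block, found {len(blocks)}")
    der = base64.b64decode("".join(blocks[0].split()), validate=True)
    tag, start, end = tlv(der, 0)              # Certificate ::= SEQUENCE
    if tag != 0x30 or end != len(der):
        raise ValueError("not a single DER SEQUENCE; text was altered or cut")
    _, pos, _ = tlv(der, start)                # step into tbsCertificate
    tag, _, after = tlv(der, pos)
    if tag == 0xA0:                            # optional [0] version field
        pos = after
    for _ in range(3):                         # skip serial, signature alg, issuer
        _, _, pos = tlv(der, pos)
    _, pos, _ = tlv(der, pos)                  # step into validity SEQUENCE
    not_before, pos = der_time(der, pos)
    not_after, _ = der_time(der, pos)
    now = now or datetime.now(timezone.utc)
    digest = hashlib.sha256(der).hexdigest().upper()
    return {"sha256": ":".join(digest[i:i + 2] for i in range(0, 64, 2)),
            "not_before": not_before, "not_after": not_after,
            "valid_now": not_before <= now <= not_after}
```

Pass it the full text of the downloaded certificate file; a `ValueError` means the paste lost or gained characters, and `valid_now` being false means the IdP certificate is outside its validity window.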