A Guide to Configuring Setyl with your SAML provider

Learn how to connect Setyl to your SAML provider of choice, using Okta and Microsoft Azure as examples

Setyl’s SAML Single Sign-On (SSO) integration provides an added level of security control for your Organization. This guide will walk you through the process of configuring SAML SSO with Setyl.

Although we’ll use Okta and Microsoft Azure as examples of Identity Providers (IdP) within this help article, other Identity Providers are likely to be supported, provided they are able to make use of the SAML 2.0 standard.

Step 0: Before Starting

  • Ensure your role within Setyl is “Owner” level. Authentication settings are only visible to this role level.
  • Ensure that your Organization subscribes to Setyl’s SAML functionality. If you have the Owner role and your Organization subscribes to Setyl’s SAML service, you will see “SAML SSO” in the list of Authentication options under Settings > Company Settings > Authentication.

Step 1: Enabling the SAML Service within Setyl

  1. Within your Setyl account, navigate to Settings > Company Settings > Authentication tab.
  2. Check that the “SAML SSO” toggle is enabled. If the toggle is not visible, SAML is not included in the package for your Organization.
  3. Click “Add New SAML Integration”.

From this window, please follow the guide specific to your SAML provider below:

Step 2: Using Okta

  1. Within Setyl, provide a name for the SAML integration within the SAML Provider Name field, for example, “SAML integration with Okta”.
  2. In a new tab, log into the Okta Admin console.
  3. Create a new application for Setyl, selecting SAML as the integration method.
  4. Copy and paste the “Setyl Metadata URL” from Setyl into the relevant field in the Okta Admin console.
  5. Copy and paste the “Setyl Single Sign-On URL” from Setyl into the relevant field in the Okta Admin console.
  6. Choose Email Address as the Name ID Format in the Okta Admin Console.
  7. Save the Okta configuration and keep the Okta browser tab open.
  8. Copy the “IdP Metadata URL” field from Okta Admin and input it into the “IdP Metadata URL” field in Setyl.
  9. Save the new connection by clicking “Add SAML Integration”.
  10. Enable the new SAML method from within the SAML SSO table.
  11. Recommended: After testing that the SAML authentication works correctly, disable other authentication methods so that SAML authentication is required to access Setyl.
  12. Optional: Enable auto-provisioning of the SAML service. This will automatically create a new user within Setyl when that user is provisioned from the SAML provider.

Step 2: Using Microsoft Azure

  1. Within Setyl, provide a name for the SAML integration within the SAML Provider Name field, for example, “SAML integration with Microsoft Azure”.
  2. Navigate to Microsoft Enterprise applications > New Application > Create your own application.
  3. Name the application, for example, “Setyl SAML Sign In”. Note that “Setyl.com” cannot be used, as this is a separate, published app for Setyl’s Microsoft sync.
  4. Select “Integrate any other applications you don’t find in the gallery (Non-gallery)”.
  5. Go to Single sign-on > SAML.
  6. Returning to the Setyl tab, copy the “Setyl Metadata URL” field. Paste this into the Azure > Basic SAML Configuration > Identifier (Entity ID) field.
  7. Returning to the Setyl tab, copy the “IdP Metadata URL” field. Paste this into the Azure > Basic SAML Configuration > Reply URL (Assertion Consumer Service URL) field.
  8. Within the Azure page, under SAML Certificates, copy the “App Federation Metadata Url” field and paste this into the Setyl “IdP Metadata URL” field.
  9. Save the Setyl SAML configuration by clicking “Add SAML Integration”.
  10. Within the Azure page, under SAML Certificates, ensure that the “Notification Email” matches the email address at which you receive authentication-related events.
  11. Within the Azure page, click “Test”.
  12. Within the Azure page, navigate to “Users and groups” and map the provisioning of the Setyl app to users.
  13. Enable the new SAML method from within the SAML SSO table.
  14. Recommended: After testing that the SAML authentication works correctly, disable other authentication methods so that SAML authentication is required to access Setyl.
  15. Optional: Enable auto-provisioning of the SAML service. This will automatically create a new user within Setyl when that user is provisioned from the SAML provider.