Single Sign-On Setup
Learn how to integrate your Identity Provider (IdP) using OIDC (OpenID Connect) or SAML (Security Assertion Markup Language).
SSO setup requires custom integration. Contact support@sedai.io for help.
Single Sign-On (SSO) streamlines authentication for your team and enhances security. Sedai supports two common IdP configurations: OIDC (OpenID Connect) and SAML (Security Assertion Markup Language). We recommend using OIDC if both options are available.
IdP Requirements
Your IdP must pass role information during the login process. In addition, basic user information (such as full name and email address) should be transmitted for user identification.
Sedai provides three roles with unique access permissions:
Permission | SedaiViewer | SedaiUser | SedaiAdmin |
---|---|---|---|
View | | | |
Execute | | | |
Add/edit integrations | | | |
Configure feature settings | | | |
OIDC Integration
The following information is required from your OIDC Identity Provider:
Requirement | Purpose |
---|---|
Discover URI | Allows Sedai to dynamically discover configuration details of your IdP (typically formatted as |
Client ID & Secret | Establishes a secure connection between Sedai and your OIDC IdP |
Roles Mapping | Maps role names used within your OIDC IdP to Sedai's roles (SedaiViewer, SedaiUser, SedaiAdmin) |
Attribute for Role Name | Indicates the specific attribute in your OIDC IdP that holds the role information during the authentication handshake. This attribute should contain the role details corresponding to Sedai's roles. |
After our team receives this information, we will provide Callback URLs for you to update your OIDC IdP. Sedai uses the URLs to send authentication callbacks. These should be configured to handle responses from the IdP after user authentication.
SAML Integration
The following information is required from your SAML provider:
Requirement | Purpose |
---|---|
SAML Identity Provider Metadata XML | Initiates the SAML integration with Sedai by describing your SAML Identity Provider (see example) |
Roles Mapping | Maps role names used within your SAML Identity Provider to Sedai's roles (SedaiViewer, SedaiUser, SedaiAdmin) |
Attribute for Role Name | Indicates the specific attribute in your SAML Identity Provider that holds role information during the authentication handshake. This attribute should contain the role details corresponding to Sedai's roles. |
After Sedai receives this information, a team member will provide Sedai's Service Provider Metadata for you to update your SAML IdP.
Some SAML providers may allow the use of Service Provider certificate data directly, which is available within the metadata.
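The roles mapping and role attribute requested in the OIDC and SAML tables above can be checked against a few sample users before they are sent to Sedai. The following Python check is an added example, not Sedai's code; the attribute name `groups`, the IdP role names and the sample users are constructed, and because this page does not say how a user matching several roles is resolved, such users are only flagged for review.

```python
# Added example: pre-flight check of an IdP-to-Sedai role mapping.
# The attribute name "groups", the IdP role names and the sample users are
# constructed; only the three Sedai role names come from the page.
SEDAI_ROLES = {"SedaiViewer", "SedaiUser", "SedaiAdmin"}


def validate_mapping(mapping):
    """Return mapping entries whose target is not an exact Sedai role name."""
    return {idp: target for idp, target in mapping.items()
            if target not in SEDAI_ROLES}


def resolve_roles(claims, role_attribute, mapping):
    """Return the sorted Sedai roles that one user's attributes map to.

    The role attribute may arrive as a single string or as a list,
    depending on the IdP. Unmapped values are ignored, so a user with
    no mapped value resolves to an empty list.
    """
    raw = claims.get(role_attribute)
    if raw is None:
        return []
    values = [raw] if isinstance(raw, str) else list(raw)
    return sorted({mapping[v] for v in values
                   if isinstance(v, str) and mapping.get(v) in SEDAI_ROLES})


def audit(sample_users, role_attribute, mapping):
    """Classify each sample user as 'ok', 'no_role' or 'ambiguous'."""
    report = {}
    for claims in sample_users:
        roles = resolve_roles(claims, role_attribute, mapping)
        status = "ok" if len(roles) == 1 else ("no_role" if not roles else "ambiguous")
        report[claims.get("email", "<no email>")] = (status, roles)
    return report


# Constructed sample data; the last mapping target is deliberately misspelled.
MAPPING = {"platform-admins": "SedaiAdmin", "sre": "SedaiUser",
           "finance": "SedaiViewer", "contractors": "Sedai Admin"}
USERS = [
    {"email": "a@example.com", "name": "A", "groups": ["platform-admins"]},
    {"email": "b@example.com", "name": "B", "groups": "sre"},
    {"email": "c@example.com", "name": "C", "groups": ["sre", "finance"]},
    {"email": "d@example.com", "name": "D", "groups": ["contractors"]},
    {"email": "e@example.com", "name": "E"},
]

if __name__ == "__main__":
    print("bad mapping targets:", validate_mapping(MAPPING))
    for user, result in audit(USERS, "groups", MAPPING).items():
        print(user, result)
```

Users reported as `no_role` or `ambiguous` are the ones to resolve in the IdP or to raise with your Sedai support contact before the integration goes live.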
Okta SAML 2.0 Configuration
When adding applications in Okta for SAML, you will need to provide the following details to your Sedai support contact:
Requirement | Example |
---|---|
Application ACS URL | |
Application SAML Audience | |
SSO URL | |
Name ID Format | |