SalesLoft supports the use of single sign-on identity providers (also called SSO or SAML). These are session and user authentication services, such as OneLogin, Okta or Active Directory, that permit a user to use one set of login credentials to access multiple applications.
In this article, we provide a walkthrough of how to set up several popular IDPs, including:
- Set Up Your Single Sign-On Provider
- Enabling and Disabling Single Sign-On
- What if my solution is not listed?
- SSO Troubleshooting
SalesLoft currently has single sign-on setup capabilities with the following IDPs:
- Okta Instructions
- Salesforce IDP Instructions
- OneLogin Instructions
- Google SSO Through SAML
- Microsoft Azure Instructions
Please click the appropriate link to view step-by-step instructions for setting up your single sign-on provider.
Once everything is set up on the application end, you can enable single sign-on in your SalesLoft account. Follow the instructions below:
1. Go to the SalesLoft Single-Sign On Settings page.
2. Click the Choose File button to upload the metadata file from your provider.
3. Once the file has been uploaded, you can test that your configuration is correct by clicking the Test SSO Login button. If you have successfully configured your account, this will redirect your account to the new sign-in screen and log you into SalesLoft.
4. Click Enable SSO Login to apply it to your entire team. Things to Note: this will take effect immediately for all team members!
Once you've enabled SSO, you may disable it at any time from the same settings page.
If you are using an internal IDP solution or another IDP not listed here, these are the credentials typically used for setup (please contact support@SalesLoft.com if we do not list a credential you need):
- Audience/Audience URI: SalesLoft
- Recipient/ACS URL/Single sign-on URL: https://accounts.salesloft.com/auth/saml-callback
- ACS (Consumer) URL Validator: ^https:\/\/accounts\.salesloft\.com
- Entity Id: SalesLoft
- Name Id Format: Email address
Relay State is not required: If you have an existing Relay State, then you may leave it as is. If you are configuring SAML/SSO for SalesLoft for the very first time, it is advised to leave the Relay State blank.
I get an error message that says, "Sorry, you can't access SalesLoft because you are not assigned this app in Okta," when I click "Test SSO Login." This means you have not assigned this application to your profile during setup in Okta. Go back to this step and assign the app, and then try again.
I get an error message that says, "There was an error while trying to parse your metadata file. Please try again." Typically this happens when you uploaded the wrong file or file type, such as a CSV. Please check that you are uploading the metadata XML file you downloaded from Okta. This could also happen if your metadata file is corrupted; when this happens, you can usually re-download a fresh copy of the metadata file and try again.