SAML integration

Overview

SAML (Security Assertion Markup Language) is an open standard for securely exchanging authentication and authorization data between an Identity Provider (IdP) and a Service Provider (SP). Hideez Enterprise Server (HES) supports SAML 2.0 and can act as an Identity Provider, enabling passwordless Single Sign-On (SSO) for enterprise applications. By integrating HES with third-party services, you can centralize user authentication and enforce modern security practices such as multi-f

Setup Flow

To set up SAML SSO using Hideez Enterprise Server as the Identity Provider:

  1. Prepare Metadata

    • Export the SAML metadata file or SSO endpoint URL from your HES (available in Settings → Parameters → SAML).

    • Obtain the SAML metadata or ACS URL from the target Service Provider (SP).

  2. Configure the Service Provider (SP)

    • In the SP's admin panel, register HES as a SAML IdP by uploading the HES metadata or manually entering the IdP SSO URL and certificate.

    • Specify the expected attributes (e.g., email, username) and map them if required.

  3. Configure HES as IdP

    • In the HES admin console, go to Settings → Parameters → SAML.

    • Add a new Service Provider using the metadata or manual configuration (ACS URL, Entity ID, etc.).

    • Specify attribute mappings according to SP requirements.

  4. Assign Users

    • Ensure the users exist in both HES and the SP (or use just-in-time provisioning if supported).

    • Confirm their email or username matches the attribute used in the SAML assertion.

  5. Test the SSO Integration

    • Initiate a login request from the SP and verify redirection to HES for authentication.

    • Authenticate using any available passwordless method (passkey, mobile app, or Hideez Key).

    • On success, access to the SP should be granted without entering credentials.

Supported Services

You can configure SAML SSO with the following commonly used services:

you have any questions about these instructions or need support with using Hideez Enterprise Server, please contact our Support team at [email protected].

If you need assistance with server setup or configuring SAML, our support team is also available to help. We’ll be happy to assist you!

Last updated

Was this helpful?