Please note: SAML is not enabled by default. You can contact Support for more information about enabling it. If you are using Azure there are some additional steps required to configure a SAML Identity Provider before setup.
How to Setup SSO
Please consider the restrictions listed in the Limitations section below before requesting this feature.
If you are ready to start the process please send Support the following:
- Your Identity Provider (IDP) metadata (xml file). This must include an Entity ID.
- A Signature signing certificate (TXT file)
We will then send back our SAML Service Provider (SP) metadata (XML file). This will include our Entity ID, which can vary depending on your region. Once this data has been exchanged, we can deploy the configuration changes to our SAML server.
Finally, we arrange a date and time to 'switch on' the feature and provide the last instructions on how to register the SSO users within the Act-On platform.
Act-On SAML service has a 2-hour refresh requirement, so users will need to refresh their IDP session. Most IDPs do this automatically, however, Azure does not and it requires session management to be set up.
Limitations
There are a few restrictions to using this setup
- You cannot use Act-On's standard login feature to access the platform
- You cannot view/reset/change your Act-On password through the platform
- You cannot use the Act-On Anywhere plugin with SSO users.
- You cannot authenticate to the API with SSO users.
- This includes using external tools that use the API such as Zapier.
If API access is needed, we can set up a non-SSO user that can be dedicated to those integrations.