We support SAML (Security Assertion Markup Language), which is an industry-standard way for identity providers like Okta and OneLogin to securely pass authorization credentials to Avocode. Enterprise administrators can rest easy knowing that their users' Avocode accounts are secured by the same identity provider that they already trust.

How to log into Avocode using Single Sign-On (SSO)?

  1. Make sure that your team has SSO enabled.
  2. Go to https://app.avocode.com, the desktop app, or your organization’s personal Avocode login link.
  3. Click the "Login via SSO" link at the bottom right corner of the login page.
  4. Enter your email address and click "Continue".
  5. This will take you to your identity provider for login.
  6. You are now logged into your Avocode account.

How to set up Single Sign-On (SSO) for your team?

Many identity providers support the SAML standard and we've provided setup instructions for the most common ones. However, if you use a different identity provider and need help setting things up, please contact our support team.

Okta

1. Navigate to your Okta admin dashboard and switch to the Classic UI if you aren't there already.

2. Click Applications, click Add Application and then click Create New App.

3. Ensure that platform is Web and SAML 2.0 is selected.

4. Name the app Avocode.

5. You can upload this icon for the app: https://avocode.s3.amazonaws.com/logo.png

6. Click Next.

7. Fill in the following values with placeholder text (we will change them later):

8. Click Next.

9. Click "I'm an Okta customer..." and then click Finish.

10. In the settings page, there is a yellow section that says, "SAML 2.0 is not configured..." Click View Setup Instructions.

11. Go to the bottom of the page to the section labelled "Provide the following IDP metadata to your SP provider". Copy and paste that block.

12. Log into the Avocode app as the team owner and go to Team Settings and then click the SSO tab.

13. Fill in the form in Avocode:

  • Choose a unique Organization Name
  • Paste the contents of the SAML Metadata file that you copied in Step 11.
  • Leave Entity ID blank unless you know that you need it.

14. Click Save Changes. A list of variables should show up.

15. Back in Okta, click the General tab, scroll down to the SAML Settings section and click Edit in the top right corner.

16. Click Next.

17. Fill in the following values (referencing the variables from Avocode):

  • SP ACS URL → Single sign on URL
  • SP Audience URL → Audience URI (SP Entity ID)

18. Under Attribute Statements (Optional), enter the following values:

  • User.FirstName → user.firstName
  • User.LastName → user.lastName

19. Click Next and then Finish.


OneLogin

1. Navigate to your OneLogin admin dashboard and click Applications and then Add App.

2. In the search box, type "saml test" and press Enter.

3. Click SAML Test Connector (IdP w/ attr w/ sign response).

4. Name the app "Avocode".

5. You can upload this icon for the app: https://avocode.s3.amazonaws.com/logo.png

6. Click Save at the top right side of the screen.

7. Click the SSO tab. Hover over the More Actions menu and click SAML Metadata.

8. Log into the Avocode app as the team owner and go to Team Settings and then click the SSO tab.

9. Fill in the form in Avocode:

  • Choose a unique Organization Name
  • Paste the contents of the SAML Metadata file that you downloaded in Step 7 into IdP Metadata.
  • Leave Entity ID blank unless you know that you need it.

10. You should see a list of variables. Fill these variables into the OneLogin app configuration:

  • SP Audience URL → Audience
  • SP ACS URL → ACS (Consumer) URL
  • SP ACS URL → Recipient

12. Enter the string "^https:\/\/.*" in the ACS (Consumer) URL Validator.

13. Click Save at the top right side of the screen.

Did this answer your question?