Setting up SAML based SSO – Using Your Own IdP
To set up Single Sign-On (SSO) with your organization’s Identity Provider (IdP), Manifestly supports SAML 2.0. You’ll need to gather information from your IdP and enter it into Manifestly.
Step 1: Create a New SAML Application in Your IdP
Follow your IdP’s documentation to create a new SAML 2.0 application. You’ll typically be asked to provide:
- ACS (Assertion Consumer Service) URL
This will be:
https://app.manifest.ly/users/saml/auth - Entity ID / Audience URI
Use:
https://app.manifest.ly/users/saml/metadata - NameID Format
Use:emailAddress
(The NameID should map to your users’ email addresses.) - Attribute Statements (optional)
You can optionally map attributes likefirstName,lastName, oremail, but these aren’t required.
Step 2: Gather the Required SAML Metadata from Your IdP
Once the application is created, your IdP will provide the following fields:
- SAML Certificate (X.509) – This is your IdP’s public certificate.
- SAML Entity ID – Often the same as the IdP’s metadata URL or application ID.
- SAML SSO URL – Also called the SAML Login URL or Identity Provider SSO URL.
Step 3: Enter the Details into Manifestly
In your Manifestly Admin settings:
- Go to Account Settings > SSO / Single Sign-On.
- Add the string to complete the URL for where your users will sign in, example app.manifest.ly/a/acmeco
- Enter the fields as follows:
- SAML Cert → Paste your IdP’s X.509 certificate.
- SAML Entity → Paste the Entity ID from your IdP.
- SAML URL → Paste the SAML Login URL (SSO URL).
- Do not make it required until you have tested.
- Save the configuration.
Step 4: Test Your SSO Login
Once everything is saved, test SSO by visiting:
https://app.manifest.ly/a/{{your signon}}
If you’ve entered everything correctly, you’ll be redirected to your IdP for authentication and returned to Manifestly upon success.