What is SAML?
SAML (Security Assertion Markup Language) is a standard for SSO (single sign on). SAML allows your users to sign in to Pendo using your enterprise SSO Identity Provider.
In a nutshell, your organization can run its own SAML server to authenticate users. So you get to control password strength, two-factor authentication and restricting access to removed accounts for all your SAML-enabled SaaS apps in one place. See wikipedia SAML article for more background details.
How do I get a SAML server?
How to configure SAML SSO
There are two sides to configure: the Identity Provider (IdP) - that's your enterprise SSO provider, for example Google G-suite, or Okta. The other side is the Service Provider (SP) - that's Pendo in this case.
Here are some general instructions. Specific details are also available for Google G-Suite.
Configuring your Identity Provider (IdP)
- Log in to your Identity Provider
- Download a SAML IdP Metadata XML file from your Identity Provider
- Send the Metadata XML file to Pendo Support. Make sure to let us know whether you want to authenticate customers or team members.
- Pendo support will configure the Pendo side and email you with the Pendo metadata which includes your ACS, Issuer and Login URLs
- Add the ACS URL and Issuer URL to your Identity Provider
- Let Pendo support know this is done, and they will enable your account for SSO
- Go to your SAML login URL in your browser
- Click the "Login with SSO" button
- If you are already logged in to your Identity Provider, you'll skip the next step, otherwise...
- Log in to your Identity Provider as usual
- You will be redirected to your Pendo dashboard - you're done.
1. Do you support SAML 2.0?