Toggle navigation

Setting up a Space for Single Sign-On Authentication (SAML)

Single-Sign-On (SSO) is a secure way to let users log in to the different services that a company uses. It is a good alternative to using multiple passwords and might even be a requirement for some companies.

Balsamiq Cloud supports SSO via Security Assertion Markup Language (SAML). When the feature is enabled, users will be able to log into Balsamiq Cloud via their company's Identity Provider (IdP).

Configuring Single Sign-On

Space Owners can configure and enable SSO from the Space Settings, as shown below.

Clicking "Configure SSO..." reveals the four configuration steps below that will help you set up Balsamiq Cloud as a SAML Service Provider.

Step 1 - Service Provider Details

The first step of the configuration provides the details you need to enter in your Identity Provider to set up Balsamiq Cloud as a SAML Service Provider. Some terminologies might differ from one IdP to another so we'll cover some of those differences in this section.

Step 2 - Identity Provider Details

Now that you have filled in the necessary details in your IdP and validated those, let's collect the resulting details needed to set up Balsamiq Cloud:

  • the SAML 2.0 Endpoint
  • the IdP Issuer
  • the Public Certificate

Step 3 - Test Configuration

All details should have been set up in the first two steps, it's time to verify your SAML configuration before we can enable it.

Step 4 - Turn On SAML

This last step should be the easiest one. Now that the verification has been made, you can turn on SAML for your Space!

Turning Off Single Sign-On

Space Owners can disable SSO from the Space Settings, as shown below, by clicking "Configure or Turn Off SSO..." > "Turn Off SSO..".