SSO
Overview
Conduit offers flexible Single Sign-On (SSO) implementation options, allowing you to require SSO authentication for either your entire organization or specific users based on your security requirements. Currently, SAML protocol is fully supported, with OpenID Connect (OIDC) integration scheduled for deployment in the near future. For SAML integration instructions, please reference the guide below.
Upon SSO activation for your organization, users will automatically be directed to the dedicated SSO authentication portal: https://getconduit.ai/sso/login/
SAML
Please contact Conduit's engineering team at [email protected] to initiate SSO implementation via SAML for your organization. You will need to provide the following information from your Identity Provider (IdP):
- SAML signing certificate
- Sign-In URL
Conduit's complete SAML configuration parameters can be found in the sections below.
SAML Configuration Parameters
Please configure your Identity Provider (IdP) with the following parameters:
| Parameter | Value |
|---|---|
| Entity ID / Issuer | getconduit.ai |
| Assertion Consumer Service (ACS) URL | https://getconduit.ai/sso/acs/ |
| Binding Method | HTTP-POST |
| NameID Format | Email Address (do not include name format) |
Required Attributes
Conduit requires the following user attributes to be included in the SAML assertion:
| Conduit Attribute | IdP Attribute |
|---|---|
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress |
Okta
| Name | Name format | Value |
|---|---|---|
| emailAddress | Unspecified | user.email |