Note: To use single sign-on (SSO), you must contact Support to enable the feature.
SSO enables you to use a single identity provider (IdP) to manage access to Samsara. This can be useful because:
- Users don't need to remember a separate password to manually log in to Samsara.
- IT Admins can manage sensitive login information through one IdP system, thus reducing the security risk footprint.
You can manage federated identity using either Google Authentication or third-party SSO providers. For this workflow, we'll show you how to set up SSO using Okta as the identity provider. If you are setting up Samsara with Microsoft Azure, please follow this workflow.
Step 1: Set Up Your SSO Provider in Samsara
First, Samsara needs to be aware of your identity provider. In this first step, you configure the IdP connection settings.
- From the Samsara admin dashboard, navigate to the Settings tab.
- From here, use the left side navigation to get to Single Sign-On.
- On this page, click on the blue button for New SAML Connection.
- From your IdP, add your sign-in endpoint URL and X.509 certificate. You can find both within your IdP dashboard. For Okta, they are in the Okta Admin Dashboard.
- Save your settings.
Samsara displays a page to retrieve your sign-on URL.
Keep this page open, since you will need all the above values for Step 2.
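Before saving the connection, it helps to sanity-check the two values copied from the IdP. The following is an added example, not Samsara or Okta code: it checks that the sign-in endpoint URL uses HTTPS and that the pasted text holds exactly one certificate and no private key, then returns a SHA-256 fingerprint to compare against the one shown in the IdP dashboard. The function names and the sample input are assumptions made for illustration, and the certificate's validity dates are not parsed.

```python
import base64
import hashlib
import re
from urllib.parse import urlsplit

PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\s*(.*?)\s*-----END \1-----", re.DOTALL)

# Constructed sample input: stand-in bytes, not a real certificate.
SAMPLE_DER = b"\x30\x0b" + b"placeholder"
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n"
              + base64.encodebytes(SAMPLE_DER).decode()
              + "-----END CERTIFICATE-----\n")


def check_sign_in_url(url):
    """Return a list of problems with the IdP sign-in endpoint URL."""
    parts = urlsplit(url.strip())
    problems = []
    if parts.scheme != "https":
        problems.append("sign-in URL must use https")
    if not parts.hostname:
        problems.append("sign-in URL has no host")
    if parts.username or parts.password:
        problems.append("sign-in URL must not embed credentials")
    return problems


def check_certificate(pem_text):
    """Return (problems, sha256_fingerprint) for the pasted PEM text."""
    blocks = PEM_BLOCK.findall(pem_text)
    problems = []
    if any("PRIVATE KEY" in label for label, _ in blocks):
        problems.append("private key pasted; only the certificate belongs here")
    certs = [body for label, body in blocks if label == "CERTIFICATE"]
    if len(certs) != 1:
        problems.append(f"expected exactly 1 CERTIFICATE block, found {len(certs)}")
        return problems, None
    try:
        der = base64.b64decode("".join(certs[0].split()), validate=True)
    except ValueError:
        problems.append("certificate body is not valid base64")
        return problems, None
    # X.509 DER is an ASN.1 SEQUENCE, so the first byte is 0x30.
    if not der.startswith(b"\x30"):
        problems.append("decoded data does not look like DER-encoded X.509")
    digest = hashlib.sha256(der).hexdigest().upper()
    return problems, ":".join(digest[i:i + 2] for i in range(0, 64, 2))
```

An empty problem list from both functions means the values are well-formed; the fingerprint still has to be compared by eye with the one your IdP displays.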
Step 2: Link Your Identity Provider to Samsara
Next, you verify that your identity provider is aware of Samsara.
To complete the setup of your IdP, you will need the following information:
- Service Provider Entity ID
- Post-Back URL
- SAML Attributes
- Sign-In URL
Click on the Edit Connection button again to find these values.
What to expect after SSO is enabled
After you have set up SSO, administrative users can navigate to the Samsara sign-in page to log in with their corporate credentials. When a new user first logs in to the Samsara cloud, Samsara automatically provisions the account with default Read-Only (No Dash Cam Access) permissions.
Going forward, all members will sign in to Samsara with their IdP account.