# SSO

This guide explains the settings you’d need to use to configure SAML with your Identity Provider. Once this is set up you should get an XML metadata file which you can provide to Spike.sh and start using SSO.

Guides for setting up SAML with other IdPs

1. [How to setup SAML on Microsoft Azure AD](https://docs.microsoft.com/en-us/power-apps/maker/portals/configure/configure-saml2-settings-azure-ad)
2. [How to setup SAML on Google Workspace](https://support.google.com/a/answer/6087519?hl=en)
3. [How to setup SAML on Onelogin](https://www.onelogin.com/blog/saml-configuration)
4. [How to setup SAML on Centrify](https://docs.centrify.com/Content/Applications/AppsCustom/AddConfigSAML.htm)

### Step 1

Follow the configurations given below while configuring your SAML with your IdP. You can configure SAML SSO for Incident Management and Status Page products individually.

{% hint style="info" %}
The below values will be the same for Okta, Microsoft Azure AD, Google, and other IdPs.
{% endhint %}

#### For our Incident management dashboard

* Assertion consumer service URL / Single Sign-On URL / Destination URL: `https://app.spike.sh/sso/oauth/saml`
* Entity ID / Identifier / Audience URI / Audience Restriction: `https://app.spike.sh`
* Response: `Signed`
* Assertion Signature: `Signed`
* Signature Algorithm: `RSA-SHA256`
* Assertion Encryption: `Unencrypted`

#### For our Status page dashboard

* Assertion consumer service URL / Single Sign-On URL / Destination URL: `https://statuspage.spike.sh/sso/status-page/oauth/saml`
* Entity ID / Identifier / Audience URI / Audience Restriction: `https://statuspage.spike.sh`
* Response: `Signed`
* Assertion Signature: `Signed`
* Signature Algorithm: `RSA-SHA256`
* Assertion Encryption: `Unencrypted`

For example, in the case of Okta users, this is how the configuration looks

![SAML configurations](/files/233Oqm3vzQGdCBiNAMvB)

### Step 2

Add user mappings as shown below. Note that `email` , `firstName` and `lastName` are mandatory.

![Mappings](/files/8msmzTLvQo3Pyu3k6mIf)

### Step 3

Once the SAML is configured, head over to Spike.sh and open [organisation settings.](https://app.spike.sh/settings/general/organisation)

Paste the IdP XML Metadata and save.

![Enter sso for spike.sh in settings](/files/cJmfJQ5GWy8DKdklUTL9)

### Step 4

Once configured, you can find the organisation slug from [organisation settings.](https://app.spike.sh/settings/general/organisation)

![](/files/wReen66cvgkISs3BEnbF) ![](/files/iDMaRLpaoGuBSpQKVeN4)

Use that slug at the time of login.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.spike.sh/administration/sso.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.