Not logged in - Login
< back


Safe does support connectivity with your preferred SAML IDP system. This may be set up in the Settings > Organization general tab.

Go to the section SAML Settings

Local SAFE accounts are required for all users. You will still create users in Settings > User Admin and apply all necessary permissions to those uers. SAML connectivity simply removes the login process and passes that off to your SAML system.

Before applying the SAML settings on this page make sure your email address is the SAML as is registered in your SAML system. If the email address does not line up you will NOT be able to log in after applying the SAML settings.

Identity Provider configuration

There are many IDP SAML providers, in this example, we are going to show setup for Okta. This example should be pretty similar for most providers.

  1. ClickGo Editto OKTA (or your chosen provider) admin portal of your organization and Sign In
  2. Click Onon to“Admin” enableat thisthe optionright top corner
  3. EnterGo yourto providerApplications IDP-> NameApplications and-> MetadataAdd inApplication required-> fields.Create New App
  4. ClickConfigure SAML settings:

    Single sign on URL =
    Audience URI (SP Entity ID) =
  5. Go to the next step
  6. On the “Sign On” tab, download “Identity Provider metadata” (it will be required for Service Provider configuration)

Service Provider configuration

  1. Go to and login via Org Admin
  2. Open Settings -> Organization -> Org Settings
  3. Scroll down to SAML Settings
  4. Set Enabled to “On”
  5. Open SAML metadata file (downloaded in previous step) in any text editor
  6. Find entityID attribute and copy-paste it’s value into IdP Name
  7. Copy-paste full content of the metadata file into IdP Metadata
  8. Save changes

Now try and connect to our site via your SAML provider site.