Submit a ticket

Activate Single Sign-on (SSO)

This feature is only available for the price plan Enterprise.

This quick guide helps you integrate SSO for a secure and efficient login process using popular platforms like Azure and Google Workspace. Set up is simple, enhancing your Oneflow experience with ease.

Supported platforms

Currently, we support the following platforms for using SSO:

  • Azure 
  • ADFS 
  • ForgeRock
  • Google Workspace
  • Duo 
  • OneTouch

Enable SSO on your chosen platform

To enable SSO, follow these general steps depending on what platform you are using:

  1. Download the Federation Metadata XML file from your identity provider (Azure, ADFS, etc.).
  2. Gather the following fields from the file content:
  • Step one - entityID.

    Example for Google:
    Example for Azure:

  • Step two X509Certificate.
    It is a long string. If there is more than one certificate, choose the first one.

    Example: MIIDdDCCAlygA…
    Example: MIIC8DCCAdigA...

  •  Step three - SingleSignOnService
    (Attribute: Location)

    Example for Google:""
    Example for Azure: ""

Enable Single Sign-On in Oneflow

  1. Log in to your Oneflow account.
  2. Go to Admin > Extensions.
  3. Enable the Single sign-on extension (if disabled).
  4. Open the Single sign-on extension and click Edit single sign-on.

Configure Single Sign-On (SSO)

  1. Click on Edit 
  2. Select an identity provider in the "Type" field.
  3. Specify SSO service URL (the ‘SingleSignOnService (Attribute: Location)’ field from the ‘Federation Metadata XML’ file).
  4. Specify Entity ID (the ‘entityID’ field from the ‘Federation Metadata XML’ file).
  5. Specify X.509 certificate (the ‘X509Certificate’ field from the ‘Federation Metadata XML’ file).
  6. Click Confirm in the top left corner.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.