Configure SSO on Admin Portal

About

This guide walks you through the steps to configure Single Sign-On (SSO) for the Sanas Admin Portal.

Before You Begin

Access Requirements

• You need admin privileges for the  Sanas Admin Portal and your Identity Provider (IdP) account.

User Management

• Ensure all intended users are added to Sanas and assigned to a workspace. Unassigned users will fail authentication when attempting to log in via SSO.

Supported Identity Providers

We’re continuously enhancing our integrations and may support additional IdPs in future.

• Okta

• Azure Active Directory (AD)

Configuring SSO on Admin Portal

1. Gather Required Details from Sanas Admin Portal.

   1. Log in to the Sanas Admin Portal with your admin credentials.

   2. Navigate to the Settings menu.

   3. Click Manage, under the Portal Authentication.

   4. Enable the SSO option if it’s disabled.

   5. Copy and securely save the following values. We will need these details later to configure your IdP:

      • Identifier

      • Reply URL (Assertion Consumer Service URL)

2. Create a SAML Application in Okta.

   1. Log in to your Okta account.

   2. In Okta, navigate to Applications > Applications and click Create App Integration.

   3. Select SAML 2.0 as the sign-in method, then click Next.

   4. Fill in the application details and click Next:

      Note: These values will be visible on Admin Portal to users logging in via SSO.

      • App Name: Enter an app name (e.g., "Sanas Admin Portal").

      • App Logo: Upload your desired logo (optional).
        

   5. In SAML Settings, enter the following:

      • Single Sign-On URL: Paste the Reply URL you copied from Step 1.

      • Audience URI: Paste the Identifier you copied from Step 1.

      • Name ID Format: Set to EmailAddress.

      • Application Username: Set to Okta username.

   6. Under Attribute Statements, configure the following mappings:

      • username: user.login

      • name: user.firstName + " " + user.lastName

      • (Optional) sanasTeam: user.sanasTeam

      • sanasUserType: user.sanasUserType

        

   7. Select This is an internal app that we have created, then click Finish.

3. Retrieve SSO Details from Okta

   1. Open the newly created SAML application in Okta.

   2. Navigate to the Sign On tab and copy the Sign on URL. Save it securely — you’ll need it to complete the Sanas configuration.
      

   3. In the SAML Signing Certificates section, click the Actions button next to SHA-2 and select Download certificate.
      

4. Complete SSO Configuration in Sanas Admin Portal

   1. Return to the SSO Settings page in the Sanas Admin Portal.

   2. Paste the Sign on URL (from Step 3.b) into the Identity Provider Single Sign-On URL field.

   3. Upload the X.509 certificate downloaded in Step 3.c.

   4. Click Save. A success message will confirm that SSO has been configured.

   5. Perform a test login to ensure SSO is working correctly.

      User Management on Okta

      Ensure all Sanas admin users are added to your Okta directory to avoid authentication errors.

Troubleshooting

If you encounter issues during configuration or login, refer to our SSO Troubleshooting Guide.

Support