Making sure your users only use federated single sign-on to authenticate

Federating Identity with Azure Active Directory

How to add or replace an x509 certificate for Azure Active Directory federations

Configuring multi-factor authentication (MFA)

Identity and MFA FAQs for admins

Password policy

Resetting passwords

User roles and permissions

Creating and managing users

Onboarding new users with welcome emails

Adding custom content to welcome emails

Creating and managing custom scopes

Add Login URLs to your Organisation

MFA - mandatory for Admins

Unlock user account

Setting up a SAML Client

An Introduction to Multi-Factor Authentication & Single Sign-On

Identity and MFA FAQs

OneAdvanced Single Sign-on login process when using an authenticator app

OneAdvanced Single Sign-on login process when using email for authentication

OneAdvanced Single Sign-on login process for federated accounts

OneAdvanced Identity login using username

User Journey for EasyPass (Passkeys)

Security questions

How to help keep your OneAdvanced account safe and secure

Connectors

API clients

API clients for Financials

Introducing OneAdvanced AI

How does OneAdvanced AI work?

Benefits of using OneAdvanced AI

Limitations of using OneAdvanced AI

Definition of terms

Getting started with prompts in OneAdvanced AI

Prompt engineering

Avoiding Common Pitfalls and Errors

Using Prompts in OneAdvanced AI

Using OneAdvanced AI to Summarise a Document

Using OneAdvanced AI to Simplify Information

Using OneAdvanced AI to Compare Documents

Using OneAdvanced AI to Create Visuals Using Data

What are Private Spaces

Using Your Personal Space

Introducing Intelligent Chat Agents

Accessing Intelligent Chat Agents

Using Intelligent Chat Agents

Intelligent Chat Agents Catalogue

Managing User Licensing

Organisation Space

Guardrail Configuration

Agent Configurations

Frequently asked questions

Getting Started

How To - Add a Spreadsheet or Chart to your Desk

How To - Add Youtube Videos to a Desk

How To - Add a Spotify Playlist to a Desk

How To - Add Microsoft Stream Videos to a Desk

How to stop unwanted time-outs

Creating Groups

Feature Desks

Desks Overview

Applets Overview

Advanced Financials Applets

Setting up Advanced Financials Applets

Advanced HR Applets

Clear Review Applets

Contract Management Applets

Countdown Applet

Desk Notes Applet

iFrame Applet

My Link/Links Applet

RSS Feed Applet

Ideas Applets

Tasks

Data Platform FAQs

Data Platform (Bring Your Own BI/Data Share) - Connection Options

Data Platform (Bring Your Own BI/Data Share) - User Licence Assignment Administration

Data Platform (Bring Your Own BI/Data Share) – How to Connect Microsoft Power BI to OneAdvanced Data Platform

Data Platform (Bring Your Own BI/Data Share) - Snowflake ODBC Connector Configuration Guide

Data Platform (Bring Your Own BI/Data Share) - Connecting Microsoft Excel to Snowflake Using ODBC

How to install the OneAdvanced mobile app on your device

All topics
Identity

Admins

Setting up a SAML Client

Setting up a SAML Client

Updated 2 weeks ago by bhavik.patel@oneadvanced.com

Introduction

The SAML Client feature allows organisation to integrate with third-party applications using SAML (Security Assertion Markup Language) for secure single sign-on (SSO).

How can I access SAML client

The SAML Client module is only available under certain conditions:

User Role: You must be logged in as a Customer Admin user within your organisation.
Navigation: Apps > Integration > SAML Client.

SAML Client List

Customer admins can navigate to SAML clients via Apps > Integration > SAML Clients

When you open the SAML Client section, you will see a list of existing SAML clients for your organisation.

The list view displays the following details:

Name – The display name of the SAML client.
Issuer – The unique identifier provided by the SAML service provider.
Status – Indicates whether the client is active or disabled.
Action – Options to edit, delete the client.

Creating a new SAML Client

To add a new SAML client, click on Add Client button. You will need to fill in the following fields:

Client Name

A friendly name for the client.

Issuer

A unique identifier (Entity ID) provided by the service provider.

Description (Optional)

Add notes to help identify the purpose of this SAML client.

Redirect URIs

The URL(s) where the user will be redirected after authentication.
You may add multiple URIs if service provider supports them.

Certificate (PEM Format)

The X.509 certificate from the service provider.

Service Provider Metadata URL

If available, enter the metadata URL provided by the service provider.

Enforce HTTP-POST Binding (Enable/Disable)

When enabled, responses must use HTTP-POST binding (recommended for security).

Name ID Format

Defines the format of the user identifier sent in the SAML response.
Common options:
- Username (default)
- Email Address
- Persistent
- Transient

Edit SAML Client

SAML clients can be updated using the Edit option available on the SAML Client List screen.

When you open the Edit SAML Client screen, you can:

Update any of the existing fields such as Client Name, Redirect URIs, Certificate, or Name ID Format.
Change the Enforce HTTP-POST Binding setting if required.
Update or replace the Service Provider Metadata URL if your service provider configuration has changed.

IDP Metadata URL

On the Edit SAML Client screen, you will also find the IDP Metadata URL.

This URL provides metadata about your organisation’s Identity Provider (IdP).
It can be copied and shared with your service provider to help them configure their end of the SAML integration.

Best Practices

Always verify details with your service provider before saving.
Ensure certificates are up-to-date to avoid login failures.
Use HTTP-POST binding for maximum compatibility and security.