Overview
SAML SSO lets your organization centrally manage authentication and user access. Once enabled, users will authenticate through your identity provider, such as Okta, Azure AD, OneLogin, Ping, or any SAML-compatible system. Starbridge supports both SP-initiated and IdP-initiated login:- SP-initiated login — Users start at the Starbridge login page and are redirected to your identity provider to authenticate.
- IdP-initiated login — Users start from your identity provider\u2019s app portal (for example, the Okta dashboard or Azure My Apps) and are signed directly into Starbridge without visiting the login page first.
Choose your authentication mode
In Authentication Mode, choose how your users should authenticate going forward:
- Password-only
- SSO required
- SSO + password
Users sign in using only their Starbridge password. SSO is disabled.
Enter your identity provider (IdP) details
Your IdP will provide two pieces of information that must be entered into Starbridge.Sign-in URLThis is your IdP\u2019s SAML login endpoint (often called the \u201cSSO URL,\u201d \u201cLogin URL,\u201d or \u201cIdentity Provider SSO URL\u201d). Paste the full URL from your identity provider.X.509 certificatePaste the X.509 certificate provided by your IdP. This certificate is used to verify signed SAML responses returned by your identity provider.
Save your configuration
After pasting your Sign-in URL and X.509 certificate, click Save.If the settings validate successfully, Starbridge will display the remaining values your IdP needs to complete the SSO connection.
Copy Starbridge values back to your IdP
Starbridge will display your application-specific SAML details, including:
- Domain
- Entity ID
- SSO URL
Need help?
If you need assistance configuring your identity provider or troubleshooting SSO, contact support@starbridge.ai and include:- Your IdP (Okta, Azure AD, etc.)
- A screenshot of your SAML configuration
- The error message seen during login (if any)