{"componentChunkName":"component---smooth-doc-smooth-doc-src-templates-doc-js","path":"/docs/settings/saml-sso/","result":{"data":{"mdx":{"fields":{"pageType":"doc","title":"SAML SSO","editLink":""},"body":"var _excluded = [\"components\"];\nfunction _extends() { return _extends = Object.assign ? Object.assign.bind() : function (n) { for (var e = 1; e < arguments.length; e++) { var t = arguments[e]; for (var r in t) ({}).hasOwnProperty.call(t, r) && (n[r] = t[r]); } return n; }, _extends.apply(null, arguments); }\nfunction _objectWithoutProperties(e, t) { if (null == e) return {}; var o, r, i = _objectWithoutPropertiesLoose(e, t); if (Object.getOwnPropertySymbols) { var s = Object.getOwnPropertySymbols(e); for (r = 0; r < s.length; r++) o = s[r], t.includes(o) || {}.propertyIsEnumerable.call(e, o) && (i[o] = e[o]); } return i; }\nfunction _objectWithoutPropertiesLoose(r, e) { if (null == r) return {}; var t = {}; for (var n in r) if ({}.hasOwnProperty.call(r, n)) { if (e.includes(n)) continue; t[n] = r[n]; } return t; }\n/* @jsxRuntime classic */\n/* @jsx mdx */\n\nvar _frontmatter = {\n  \"title\": \"SAML SSO\",\n  \"description\": \"saml sso\",\n  \"order\": 46,\n  \"section\": \"Settings\"\n};\nvar layoutProps = {\n  _frontmatter: _frontmatter\n};\nvar MDXLayout = \"wrapper\";\nreturn function MDXContent(_ref) {\n  var components = _ref.components,\n    props = _objectWithoutProperties(_ref, _excluded);\n  return mdx(MDXLayout, _extends({}, layoutProps, props, {\n    components: components,\n    mdxType: \"MDXLayout\"\n  }), mdx(\"h1\", {\n    \"id\": \"saml-sso\"\n  }, mdx(\"a\", {\n    parentName: \"h1\",\n    \"href\": \"#saml-sso\",\n    \"aria-label\": \"saml sso permalink\",\n    \"className\": \"anchor\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"\", mdx(\"abbr\", {\n    parentName: \"h1\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" \", mdx(\"abbr\", {\n    parentName: \"h1\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \"\"), mdx(\"h5\", {\n    \"id\": \"add-on\"\n  }, mdx(\"a\", {\n    parentName: \"h5\",\n    \"href\": \"#add-on\",\n    \"aria-label\": \"add on permalink\",\n    \"className\": \"anchor\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"[add-on]\"), mdx(\"p\", null, \"Security Assertion Markup Language, or \", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \", can be configured as an option for authenticating users. This allows an organization to set up users in a single, centralized place and manage their access to multiple applications. Users only have to remember a single set of credentials across the systems they use. Administrators can enforce their desired password policies at the \", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" identity provider, and many providers support additional security features such as multi-factor authentication (\", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Multi-Factor Authentication\"\n  }, \"MFA\"), \").\"), mdx(\"div\", {\n    className: \"info\"\n  }, \"The SAML SSO add-on and \\\"Manage team\\\" permission flag is required to view and change the SAML SSO configuration.\"), mdx(\"h2\", {\n    \"id\": \"sp-details\"\n  }, mdx(\"a\", {\n    parentName: \"h2\",\n    \"href\": \"#sp-details\",\n    \"aria-label\": \"sp details permalink\",\n    \"className\": \"anchor\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"SP Details\"), mdx(\"p\", null, \"The SP Details form provides the information needed to configure \", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" \", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \" with your identity provider. It also provides an easy way to copy these values for use in setting up your \", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" single sign-on. These values cannot be altered via this form.\"), mdx(\"ul\", null, mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"Entity ID\"), \": The unique ID used by your identity provider to identify your PathcoreFlow team\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"Assertion Consumer Service URL\"), \": The URL used by the identity provider to send the \", mdx(\"abbr\", {\n    parentName: \"li\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" assertion. This is sometimes also called a \\\"Reply URL\\\"\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"Name ID Format\"), \": The format of the user identifier expected by PathcoreFlow in responses from the identity provider. The only format that is accepted is email address\")), mdx(\"details\", null, mdx(\"summary\", null, \" To view the SAML service provider (SP) details \"), mdx(\"ol\", null, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Click on the \", mdx(\"img\", {\n    parentName: \"p\",\n    \"src\": \"/flow/manual/latest/48d4454b8169bfddf1ca97c4c830eaaa/nav-settings.svg\",\n    \"alt\": \"Settings\"\n  }), \" \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Settings\"), \" button from the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"/flow/manual/latest/docs/repository/repository-overview/#navigation-menu\"\n  }, \"Navigation Menu\"))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Click on the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"\", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" \", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \"\"), \" tab\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Review the values in the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#sp-details\"\n  }, \"SP Details\"), \" section\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"(Optional) Click on the \", mdx(\"img\", {\n    parentName: \"p\",\n    \"src\": \"/flow/manual/latest/251d1bb819c35da01264f72a9985335a/dialog-clipboard.svg\",\n    \"alt\": \"Copy to Clipboard\"\n  }), \" button to the right of a field to copy its contents to the clipboard\")))), mdx(\"h2\", {\n    \"id\": \"idp-details\"\n  }, mdx(\"a\", {\n    parentName: \"h2\",\n    \"href\": \"#idp-details\",\n    \"aria-label\": \"idp details permalink\",\n    \"className\": \"anchor\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"IdP Details\"), mdx(\"p\", null, \"In order to enable \", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \", an identity provider must be configured in PathcoreFlow by a team administrator.\"), mdx(\"ul\", null, mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"Entity ID\"), \": This is a unique identifier for your configured \", mdx(\"abbr\", {\n    parentName: \"li\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \" application at the identity provider\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"Single Sign On URL\"), \": The URL at the identity provider where users are redirected to complete the log in\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"Certificate\"), \": A public key provided by your identity provider in either PEM or DER format\")), mdx(\"div\", {\n    className: \"info\"\n  }, \"Only one identity provider can be configured for a team at a time.\"), mdx(\"br\", null), mdx(\"div\", {\n    className: \"info\"\n  }, \"The \\\"email\\\" attribute sent from the identity provider is used to match a user account by their email address set in PathcoreFlow. These values must match.\", mdx(\"p\", null, \"  The \\\"name\\\" attribute sent from the IdP is used to update an account's display name.\")), mdx(\"p\", null, \"Instructions for external providers are provided for convenience. If you require assistance in setting up the \", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" identity provider, please contact the support for that provider.\"), mdx(\"details\", null, mdx(\"summary\", null, \" To configure Google Workspace as your identity provider \"), mdx(\"div\", {\n    className: \"info\"\n  }, \"The user setting up SAML SSO must also be an active user in Google Workspace.\"), mdx(\"ol\", null, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Click on the \", mdx(\"img\", {\n    parentName: \"p\",\n    \"src\": \"/flow/manual/latest/48d4454b8169bfddf1ca97c4c830eaaa/nav-settings.svg\",\n    \"alt\": \"Settings\"\n  }), \" \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Settings\"), \" button from the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"/flow/manual/latest/docs/repository/repository-overview/#navigation-menu\"\n  }, \"Navigation Menu\"))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Click on the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"\", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" \", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \"\"), \" tab\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Review the values in the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#sp-details\"\n  }, \"SP Details\"), \" section\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Follow the instructions for \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://support.google.com/a/answer/6087519\"\n  }, \"setting up your own custom \", mdx(\"abbr\", {\n    parentName: \"a\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" app\"), \" in Google Workspace Admin Help\"), mdx(\"ol\", {\n    parentName: \"li\"\n  }, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"The following table lists the PathcoreFlow \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#sp-details\"\n  }, \"SP Details\"), \" and their equivalent fields in Google Workspace's \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Service Provider Details\"), \" section:\"), mdx(\"table\", {\n    parentName: \"li\"\n  }, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"PathcoreFlow Setting\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Google Workspace Field\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Entity ID\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Entity ID\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Assertion Consumer Service URL\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"ACS URL\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"(unused)\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Start URL\"))))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Set the following Name ID settings in Google Workspace:\"), mdx(\"ul\", {\n    parentName: \"li\"\n  }, mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"Name ID format\"), \": \\\"UNSPECIFIED\\\"\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"Name ID\"), \": \\\"Primary email\\\"\"))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Configure the following in \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"\", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" attribute mapping\"), \":\"), mdx(\"table\", {\n    parentName: \"li\"\n  }, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Google Directory\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"App\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Primary email\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"email\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"First name\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"name\"))))))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Enter information from Google Workspace into the fields under the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#idp-details\"\n  }, \"IdP Details\"), \" section. The following table lists the PathcoreFlow settings and their equivalent fields in Google Workspace:\"), mdx(\"table\", {\n    parentName: \"li\"\n  }, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"PathcoreFlow Setting\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Google Workspace Field\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Entity ID\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Entity ID\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Single Sign On (\", mdx(\"abbr\", {\n    parentName: \"td\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \") URL\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"\", mdx(\"abbr\", {\n    parentName: \"td\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \" URL\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Certificate\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Certificate\"))))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Complete the configuration by following the instructions in the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#configuration\"\n  }, \"Configuration\"), \" section\")))), mdx(\"details\", null, mdx(\"summary\", null, \" To configure JumpCloud as your identity provider \"), mdx(\"ol\", null, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Click on the \", mdx(\"img\", {\n    parentName: \"p\",\n    \"src\": \"/flow/manual/latest/48d4454b8169bfddf1ca97c4c830eaaa/nav-settings.svg\",\n    \"alt\": \"Settings\"\n  }), \" \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Settings\"), \" button from the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"/flow/manual/latest/docs/repository/repository-overview/#navigation-menu\"\n  }, \"Navigation Menu\"))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Click on the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"\", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" \", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \"\"), \" tab\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Review the values in the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#sp-details\"\n  }, \"SP Details\"), \" section\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Follow the instructions for setting up \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://jumpcloud.com/support/sso-using-custom-saml-application-connectors\"\n  }, \"\", mdx(\"abbr\", {\n    parentName: \"a\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \" using Custom \", mdx(\"abbr\", {\n    parentName: \"a\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" Application Connectors\"), \" in JumpCloud Support\"), mdx(\"ol\", {\n    parentName: \"li\"\n  }, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"The following table lists the PathcoreFlow \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#sp-details\"\n  }, \"SP Details\"), \" and their equivalent fields in JumpCloud's \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"\", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \"\"), \" section:\"), mdx(\"table\", {\n    parentName: \"li\"\n  }, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"PathcoreFlow Setting\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"JumpCloud\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Entity ID\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"SP Entity ID\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Assertion Consumer Service URL\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"ACS URLs -> Add URL\"))))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Set the following Name ID settings in JumpCloud:\"), mdx(\"ul\", {\n    parentName: \"li\"\n  }, mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"SAMLSubject NameID\"), \": \\\"email\\\"\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"SAMLSubject NameID Format\"), \": \\\"urn:oasis:names:tc:\", mdx(\"abbr\", {\n    parentName: \"li\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \":1.1:nameid-format:emailAddress\\\"\"))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Configure the following \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"User Attribute\"), \" mappings:\"), mdx(\"table\", {\n    parentName: \"li\"\n  }, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Service Provider Attribute Name\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"JumpCloud Attribute Name\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"email\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"email\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"name\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"displayname\"))))))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Download the certificate from JumpCloud and paste the contents of the file into the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Certificate\"), \" field under the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#idp-details\"\n  }, \"IdP Details\"), \" section\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Enter information from JumpCloud into the fields under the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#idp-details\"\n  }, \"IdP Details\"), \" section. The following table lists the PathcoreFlow settings and their equivalent fields in JumpCloud:\"), mdx(\"table\", {\n    parentName: \"li\"\n  }, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"PathcoreFlow Setting\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"JumpCloud Field\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Entity ID\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"IdP Entity ID\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Single Sign On (\", mdx(\"abbr\", {\n    parentName: \"td\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \") URL\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"IDP URL\"))))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Complete the configuration by following the instructions in the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#configuration\"\n  }, \"Configuration\"), \" section\")))), mdx(\"details\", null, mdx(\"summary\", null, \" To configure Microsoft Entra ID (formerly Azure AD) as your identity provider \"), mdx(\"ol\", null, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Click on the \", mdx(\"img\", {\n    parentName: \"p\",\n    \"src\": \"/flow/manual/latest/48d4454b8169bfddf1ca97c4c830eaaa/nav-settings.svg\",\n    \"alt\": \"Settings\"\n  }), \" \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Settings\"), \" button from the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"/flow/manual/latest/docs/repository/repository-overview/#navigation-menu\"\n  }, \"Navigation Menu\"))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Click on the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"\", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" \", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \"\"), \" tab\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Review the values in the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#sp-details\"\n  }, \"SP Details\"), \" section\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Follow the instructions for \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/add-application-portal-setup-sso\"\n  }, \"enabling \", mdx(\"abbr\", {\n    parentName: \"a\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \" for an enterprise application\"), \" in Microsoft Learn. You will need to \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Create your own application\")), mdx(\"ol\", {\n    parentName: \"li\"\n  }, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"The following table lists the PathcoreFlow \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#sp-details\"\n  }, \"SP Details\"), \" and their equivalent fields in Microsoft Entra's \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Basic \", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" Configuration\"), \" section:\"), mdx(\"table\", {\n    parentName: \"li\"\n  }, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"PathcoreFlow Setting\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Microsoft Entra Field\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Entity ID\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Identifier (Entity ID)\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Assertion Consumer Service URL\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Reply URL (Assertion Consumer Service URL)\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"(unused)\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Sign on URL\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"(unused)\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Relay State\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"(unused)\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Logout Url\"))))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Configure the following in \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Attributes \", \"&\", \" Claims\"), \":\"), mdx(\"table\", {\n    parentName: \"li\"\n  }, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Claim Name\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Namespace\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Value\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Unique User Identifier (Name ID)\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"(default)\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"user.userprincipalname\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"email\", \"*\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"(leave blank)\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"user.userprincipalname\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"name\", \"*\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"(leave blank)\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"user.displayname\")))), mdx(\"p\", {\n    parentName: \"li\"\n  }, \"*\", \" This will need to be added as a new claim, as the default does not allow a blank namespace.\")))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Download the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Certificate (Base64)\"), \" from Microsoft Entra and paste the contents of the file in the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Certificate\"), \" field under the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#idp-details\"\n  }, \"IdP Details\"), \" section\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Enter information from Microsoft Entra into the fields under the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#idp-details\"\n  }, \"IdP Details\"), \" section. The following table lists the PathcoreFlow settings and their equivalent fields in Microsoft Entra's \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Set up \", \"<\", \"Application Name\", \">\"), \" section:\"), mdx(\"table\", {\n    parentName: \"li\"\n  }, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"PathcoreFlow Setting\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Microsoft Entra Field\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Entity ID\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Microsoft Entra Identifier\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Single Sign On (\", mdx(\"abbr\", {\n    parentName: \"td\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \") URL\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Login URL\"))))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Complete the configuration by following the instructions in the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#configuration\"\n  }, \"Configuration\"), \" section\")))), mdx(\"details\", null, mdx(\"summary\", null, \" To configure Okta as your identity provider \"), mdx(\"ol\", null, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Click on the \", mdx(\"img\", {\n    parentName: \"p\",\n    \"src\": \"/flow/manual/latest/48d4454b8169bfddf1ca97c4c830eaaa/nav-settings.svg\",\n    \"alt\": \"Settings\"\n  }), \" \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Settings\"), \" button from the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"/flow/manual/latest/docs/repository/repository-overview/#navigation-menu\"\n  }, \"Navigation Menu\"))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Click on the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"\", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" \", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \"\"), \" tab\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Review the values in the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#sp-details\"\n  }, \"SP Details\"), \" section\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Follow the instructions to \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://help.okta.com/oie/en-us/content/topics/apps/apps_app_integration_wizard_saml.htm\"\n  }, \"create a \", mdx(\"abbr\", {\n    parentName: \"a\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" app integration\"), \" in Okta Docs\"), mdx(\"ol\", {\n    parentName: \"li\"\n  }, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"The following table lists the PathcoreFlow \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#sp-details\"\n  }, \"SP Details\"), \" and their equivalent fields in Okta's \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Application Integration Wizard\"), \":\"), mdx(\"table\", {\n    parentName: \"li\"\n  }, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"PathcoreFlow Setting\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Okta\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Entity ID\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Audience URI (SP Entity ID)\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Assertion Consumer Service URL\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Single sign-on URL\"))))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Set the following Name ID settings in Okta:\"), mdx(\"ul\", {\n    parentName: \"li\"\n  }, mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"Application username\"), \": \\\"Email\\\"\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"Name ID format\"), \": \\\"EmailAddress\\\"\"))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Configure the following \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Attribute Statements\"), \":\"), mdx(\"table\", {\n    parentName: \"li\"\n  }, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Name\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Value\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"email\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"user.email\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"name\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"user.firstName + \\\" \\\" + user.lastName\"))))))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Enter information from Okta into the fields under the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#idp-details\"\n  }, \"IdP Details\"), \" section. The following table lists the PathcoreFlow settings and their equivalent fields in Okta:\"), mdx(\"table\", {\n    parentName: \"li\"\n  }, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"PathcoreFlow Setting\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Okta Field\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Entity ID\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Identity Provider Issuer\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Single Sign On (\", mdx(\"abbr\", {\n    parentName: \"td\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \") URL\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Identity Provider Single Sign-On URL\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Certificate\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"X.509 Certificate\"))))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Complete the configuration by following the instructions in the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#configuration\"\n  }, \"Configuration\"), \" section\")))), mdx(\"details\", null, mdx(\"summary\", null, \" To configure OneLogin as your identity provider \"), mdx(\"ol\", null, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Click on the \", mdx(\"img\", {\n    parentName: \"p\",\n    \"src\": \"/flow/manual/latest/48d4454b8169bfddf1ca97c4c830eaaa/nav-settings.svg\",\n    \"alt\": \"Settings\"\n  }), \" \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Settings\"), \" button from the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"/flow/manual/latest/docs/repository/repository-overview/#navigation-menu\"\n  }, \"Navigation Menu\"))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Click on the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"\", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" \", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \"\"), \" tab\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Review the values in the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#sp-details\"\n  }, \"SP Details\"), \" section\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Follow the instructions for setting up an \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://onelogin.service-now.com/support?id=kb_article&sys_id=8a1f3d501b392510c12a41d5ec4bcbcc&kb_category=de885d2187372d10695f0f66cebb351f\"\n  }, \"Advanced \", mdx(\"abbr\", {\n    parentName: \"a\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" Custom Connector\"), \" and \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://onelogin.service-now.com/support?id=kb_article&sys_id=08e6b9d9879a6990c44486e5cebb3556\"\n  }, \"Configuring \", mdx(\"abbr\", {\n    parentName: \"a\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \" for \", mdx(\"abbr\", {\n    parentName: \"a\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \"-Enabled Applications\"), \" in OneLogin Support\"), mdx(\"ol\", {\n    parentName: \"li\"\n  }, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"The following table lists the PathcoreFlow \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#sp-details\"\n  }, \"SP Details\"), \" and their equivalent fields in OneLogin:\"), mdx(\"table\", {\n    parentName: \"li\"\n  }, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"PathcoreFlow Setting\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"OneLogin\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Entity ID\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Audience (EntityID)\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Assertion Consumer Service URL\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Recipient\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"(the regex escaped ACS URL)\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"ACS (Consumer) URL Validator\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Assertion Consumer Service URL\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"ACS (Consumer) URL\"))))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Set the following Name ID settings in OneLogin:\"), mdx(\"ul\", {\n    parentName: \"li\"\n  }, mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"\", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" initiator\"), \": \\\"OneLogin\\\"\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"\", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" nameID format\"), \": \\\"Email\\\"\"))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Configure the following \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Parameters\"), \":\"), mdx(\"table\", {\n    parentName: \"li\"\n  }, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Service Provider Attribute Name\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"OneLogin Parameter Name\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"email\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Email\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"name\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Name\"))))))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Enter information from OneLogin into the fields under the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#idp-details\"\n  }, \"IdP Details\"), \" section. The following table lists the PathcoreFlow settings and their equivalent fields in OneLogin:\"), mdx(\"table\", {\n    parentName: \"li\"\n  }, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"PathcoreFlow Setting\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"OneLogin Field\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Entity ID\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Issuer URL\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Single Sign On (\", mdx(\"abbr\", {\n    parentName: \"td\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \") URL\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"\", mdx(\"abbr\", {\n    parentName: \"td\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" 2.0 Endpoint (HTTP)\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Certificate\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"X.509 Certificate\"))))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Complete the configuration by following the instructions in the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#configuration\"\n  }, \"Configuration\"), \" section\")))), mdx(\"details\", null, mdx(\"summary\", null, \" To configure another service as your identity provider \"), mdx(\"div\", {\n    className: \"info\"\n  }, \"The terms used by your identity provider may differ.\"), mdx(\"ol\", null, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Click on the \", mdx(\"img\", {\n    parentName: \"p\",\n    \"src\": \"/flow/manual/latest/48d4454b8169bfddf1ca97c4c830eaaa/nav-settings.svg\",\n    \"alt\": \"Settings\"\n  }), \" \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Settings\"), \" button from the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"/flow/manual/latest/docs/repository/repository-overview/#navigation-menu\"\n  }, \"Navigation Menu\"))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Click on the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"\", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" \", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \"\"), \" tab\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Review the values in the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#sp-details\"\n  }, \"SP Details\"), \" section\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Follow the instructions from your identity provider to set up a new \", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" application\"), mdx(\"ol\", {\n    parentName: \"li\"\n  }, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"The following table lists the PathcoreFlow \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#sp-details\"\n  }, \"SP Details\"), \" and some common equivalent fields used by identity providers:\"), mdx(\"table\", {\n    parentName: \"li\"\n  }, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"PathcoreFlow Setting\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Alternate Names\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Entity ID\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Audience, Identifier, Issuer, SP ID\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Assertion Consumer Service URL\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"ACS URL, Reply URL, Single Sign-On URL, \", mdx(\"abbr\", {\n    parentName: \"td\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \" URL\"))))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Set the following Name ID settings. Name ID may also be called SAMLSubject, Unique User ID, or App Username:\"), mdx(\"ul\", {\n    parentName: \"li\"\n  }, mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"Name ID\"), \": A user's primary email address\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"Name ID format\"), \": \\\"EmailAddress\\\" or \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\")))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Configure the following \", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" attribute mappings:\"), mdx(\"table\", {\n    parentName: \"li\"\n  }, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Name\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Value\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"email\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"User's email address\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"name\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"User's display name or full name\"))))))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Enter information from your identity provider into the fields under the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#idp-details\"\n  }, \"IdP Details\"), \" section. The following table lists the PathcoreFlow settings and some common equivalent fields used by identity providers:\"), mdx(\"table\", {\n    parentName: \"li\"\n  }, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"PathcoreFlow Setting\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Alternate Names\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Entity ID\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Identifier, Identity Provider Issuer, IdP Entity\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Single Sign On (\", mdx(\"abbr\", {\n    parentName: \"td\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \") URL\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Login URL, \", mdx(\"abbr\", {\n    parentName: \"td\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \" URL\")), mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Certificate\"), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Public key, X.509\"))))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Complete the configuration by following the instructions in the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#configuration\"\n  }, \"Configuration\"), \" section\")))), mdx(\"h2\", {\n    \"id\": \"configuration\"\n  }, mdx(\"a\", {\n    parentName: \"h2\",\n    \"href\": \"#configuration\",\n    \"aria-label\": \"configuration permalink\",\n    \"className\": \"anchor\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Configuration\"), mdx(\"ul\", null, mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"Default Permissions\"), \": The \", mdx(\"a\", {\n    parentName: \"li\",\n    \"href\": \"/flow/manual/latest/docs/settings/roles/\"\n  }, \"role\"), \" to assign to users created in PathcoreFlow by \", mdx(\"a\", {\n    parentName: \"li\",\n    \"href\": \"#jit-provisioning\"\n  }, \"\", mdx(\"abbr\", {\n    parentName: \"a\",\n    \"title\": \"Just-in-Time\"\n  }, \"JIT\"), \" Provisioning\")), mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"Default Accessible Content\"), \": The \", mdx(\"a\", {\n    parentName: \"li\",\n    \"href\": \"/flow/manual/latest/docs/settings/data-groups/\"\n  }, \"data group\"), \" to assign to users created in PathcoreFlow by \", mdx(\"a\", {\n    parentName: \"li\",\n    \"href\": \"#jit-provisioning\"\n  }, \"\", mdx(\"abbr\", {\n    parentName: \"a\",\n    \"title\": \"Just-in-Time\"\n  }, \"JIT\"), \" Provisioning\"), \". Can be set to \\\"Nothing\\\" so that an administrator must assign accessible content to new users after they successfully log in\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"Enable \", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" Authentication\"), \": This toggle enables the option to log in using the configured identity provider\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"Enforce \", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" \", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \"\"), \": This toggle will \", mdx(\"em\", {\n    parentName: \"li\"\n  }, \"require\"), \" that all users log in using the configured identity provider. Enabling this will automatically \", mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"Enable \", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" Authentication\"))), mdx(\"div\", {\n    className: \"info\"\n  }, \"Users with the system-defined Administrator role can always login via their password to prevent being locked out entirely.\"), mdx(\"details\", null, mdx(\"summary\", null, \" To finalize your SAML SSO configuration \"), mdx(\"ol\", null, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Select the desired \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"/flow/manual/latest/docs/settings/roles/\"\n  }, \"role\"), \" from the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Default Permissions\"), \" dropdown menu\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Select the desired \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"/flow/manual/latest/docs/settings/data-groups/\"\n  }, \"data group\"), \" from the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Default Accessible Content\"), \" dropdown menu\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Click on the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Verify Configuration\"), \" link to validate your configuration. This must complete successfully before you can save your changes\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"(Optional) Enable the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Enable \", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" Authentication\"), \" toggle\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"(Optional) Enable the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Enforce \", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" \", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \"\"), \" toggle if you want to require all users to use the designated identity provider to log in\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Click on the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Save Changes\"), \" button\"))), mdx(\"div\", {\n    className: \"warning\"\n  }, mdx(\"div\", null, \"If you have enabled \", mdx(\"b\", null, \"Enforce SAML SSO\"), \", all users on the team must authenticate through the configured identity provider (IdP). Therefore, all users will require valid credentials for the designated provider.\"))), mdx(\"details\", null, mdx(\"summary\", null, \" To disable SAML SSO for a team \"), mdx(\"ol\", null, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Click on the \", mdx(\"img\", {\n    parentName: \"p\",\n    \"src\": \"/flow/manual/latest/48d4454b8169bfddf1ca97c4c830eaaa/nav-settings.svg\",\n    \"alt\": \"Settings\"\n  }), \" \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Settings\"), \" button from the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"/flow/manual/latest/docs/repository/repository-overview/#navigation-menu\"\n  }, \"Navigation Menu\"))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Click on the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"\", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" \", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \"\"), \" tab\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Disable the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Enable \", mdx(\"abbr\", {\n    parentName: \"strong\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" Authentication\"), \" toggle\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Click on the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Save Changes\"), \" button\")))), mdx(\"h2\", {\n    \"id\": \"jit-provisioning\"\n  }, mdx(\"a\", {\n    parentName: \"h2\",\n    \"href\": \"#jit-provisioning\",\n    \"aria-label\": \"jit provisioning permalink\",\n    \"className\": \"anchor\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"\", mdx(\"abbr\", {\n    parentName: \"h2\",\n    \"title\": \"Just-in-Time\"\n  }, \"JIT\"), \" Provisioning\"), mdx(\"p\", null, \"PathcoreFlow supports just-in-time (\", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Just-in-Time\"\n  }, \"JIT\"), \") provisioning of users by default when \", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Security Assertion Markup Language\"\n  }, \"SAML\"), \" \", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \" is enabled. \", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Just-in-Time\"\n  }, \"JIT\"), \" provisioning creates users in PathcoreFlow the first time they attempt to log in from their identity provider using \", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Single Sign-On\"\n  }, \"SSO\"), \". This allows administrators to manage access to PathcoreFlow directly through their identity provider.\"), mdx(\"div\", {\n    className: \"info\"\n  }, mdx(\"div\", null, \"A user created by JIT provisioning will be assigned the role and data group set in the \", mdx(\"a\", {\n    href: \"#configuration\"\n  }, \"Configuration\"), \" section.\")), mdx(\"details\", null, mdx(\"summary\", null, \" First time JIT log in steps \"), mdx(\"ol\", null, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Log in to your identity provider. Contact your team administrator if you require assistance\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Locate the PathcoreFlow app and launch it. The name of this app within your identity provider is configured by your team administrator and may be something different (e.g., \\\"Pathcore\\\" or \\\"Flow\\\"). You will be redirected to the PathcoreFlow login page\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"You will need to activate your account to continue. Check your email for a message which has instructions to \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"/flow/manual/latest/docs/settings/user-management/#account-activation\"\n  }, \"activate your account\"), \". Follow those instructions. You need to set a password for PathcoreFlow, but then you will be able to log in using your identity provider credentials\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"You are now registered with the PathcoreFlow team\"))), mdx(\"div\", {\n    className: \"info\"\n  }, \"A user only needs to activate their account once per team.\")));\n}\n;\nMDXContent.isMDXComponent = true;","tableOfContents":{"items":[{"url":"#saml-sso","title":"SAML SSO","items":[{"items":[{"items":[{"items":[{"url":"#add-on","title":"add-on"}]}]}]},{"url":"#sp-details","title":"SP Details"},{"url":"#idp-details","title":"IdP Details"},{"url":"#configuration","title":"Configuration"},{"url":"#jit-provisioning","title":"JIT Provisioning"}]}]}}},"pageContext":{"id":"67428db3-a2c5-58d2-9b75-4a51b6e037f9"}},"staticQueryHashes":["1086510573","1106176283","1122327541","2140385554","2719290676","3597609067","4027383558"]}