Who can use this?
Plan: Enterprise (only admins)
Managed from: Admin Dashboard
Other: IdP account admin privileges
This article describes how to set up Krisp SSO login with your Identity Provider (IdP). Single sign-on allows you to log in using your company credentials. Krisp's single sign-on (SSO) is based on SAML 2.0.
Check this article to learn more about how you can get started with Krisp SSO.
First, go to your Admin Dashboard >>> Settings >>> Security >>> Authentication. Check the Enable SSO box and click on SAML to open Configure SAML panel. You'll need this info for further steps. Let's call this Krisp Settings.
Follow these steps to configure Krisp SSO with GSuite.
- Go to your GSuite admin account.
- Go to the Apps section >>> Web and mobile apps.
- Select Add custom SAML app from the Add app dropdown.
- You will be led to the App details step.
- Set an Application name. Ex: KrispApp
- Set a Description. Ex: Krisp SAML SSO
- Upload your company logo as a .png or .gif file >>> click Continue.
- You will be led to Google Identity Provider detail step.
- Copy the SSO URL from the GSuite dashboard to the Identity Provider Single Sign On URL field in the Krisp Settings.
- Download the Certificate from the GSuite Dashboard. Open it with a text editor and copy it to the X-509 Certificate field in the Krisp Settings >>> click Continue.
- You will be led to the Service Provider Details step.
- Copy the Reply URL (Assertion Consumer Service URL) from Krisp Settings to the ACS URL field.
- Copy the Single Sign On URL from Krisp Settings to the Start URL field.
- Set an Entity ID. Ex: MyGSuiteEntityID. Copy it to both the Audience URI and Identity Provider Issuer fields of Krisp Settings and save the changes there.
- Make sure that Basic Information >>> Primary Email options are selected for the Name ID.
- Pick EMAIL as the Name ID Format.
- You will be led to the Attribute Mapping step.
- Click ADD MAPPING.
- Set the mapping as Primary email >>> Email.
- Click Finish.
- Now all you need to do is activate the created app. On the application page, expand the User access section by choosing the expand icon in the top corner.
Pick who within your organization the SSO should be on for and Save.
Now your team members will be able to sign into their Krisp accounts by logging into their GSuite accounts using the Krisp team slug.