Single Sign On (SSO) SAML V2

Single Sign-On (SSO) allows users to log in to PandaSuite using their corporate identity, without needing to create an additional account. 

PandaSuite supports the SAML v2 protocol, used by many identity providers (IdP) such as Azure AD, Google Workspace, Okta, Auth0, etc.

Where to enable SSO?

  • On the editor side → For users accessing PandaSuite Studio.
  • On the web app side → For applications created with PandaSuite (Web App / PWA).
  • In this article

    What is SSO via SAML V2?

    Single Sign-On (SSO) is an authentication method that allows users to securely log in to multiple applications with a single credential.

    Why use SSO?

    • Enhanced security: fewer passwords to manage, reducing the risk of phishing.
    • Seamless experience: smooth login without repeated authentication.
    • Centralized management: access controlled by the IT administrator via an IdP.

    The SAML v2 protocol

    SAML ( Security Assertion Markup Language) is an XML standard that allows a service provider (SP), like PandaSuite, to delegate authentication to an identity provider (IdP).

    How does SSO work?

    SSO is based on a secure exchange of authentication tokens between PandaSuite and your identity provider (IdP).

    1. The user attempts to access PandaSuite or a web app.
    2. PandaSuite sends an authentication request to the IdP with a token containing the user's email.
    3. The IdP checks if the user is already logged in:

      ✅ If yes, access is granted immediately.
      🔄 Otherwise, they are redirected to their company’s login page.
    4. The user authenticates with their IdP (e.g., Microsoft 365, Google, Okta credentials, etc.).
    5. The IdP validates the identity and sends a SAML token to PandaSuite.
    6. PandaSuite validates the token and grants access to the user.

    💡 Everything happens in the background, without the user having to enter a password on PandaSuite!

    Setting up SSO for a web app

    ⚠️ Currently, SSO authentication with SAML V2 is only compatible with web apps / PWA. For a native application, please contact our team.

    Here are the steps to configure SSO for a web app created with PandaSuite: 

    • Log in to your PandaSuite account.
    • Go to the Apps section and select your web app.
    • Go to the Security tab.
    • Enable SSO.
    • Import the XML metadata file or enter the URL provided by your IdP.
    • Validate the configuration and test the connection.

    Setting up SSO to access PandaSuite Studio

    💡 Setup requires contacting the PandaSuite team. 

    Here are the steps to configure SSO for PandaSuite user accounts: 

    1. Contact our team and send us the XML metadata file of the Service Provider or a URL containing:

      EntityID
      Attribute Consume Service Endpoint
      Single Logout Service Endpoint
      Public X.509 Certificate
      NameId Format
      Organization info & Contact info
    2. We will send you a URL to configure your identity provider.
    3. Once the setup is complete, your users will be able to access PandaSuite Studio via SSO.
    Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.