Skip to main content
SSO in Pi

How to enable Single Sign On in Pi

Jay Langridge avatar
Written by Jay Langridge
Updated over a week ago

Pi Supports Single Sign On via SAML 2.0.

How it works

In Pi, each user login is associated with an email address. You can specify that any users attempting to log in with @your-domain.com email addresses will be sent to your SSO provider instead of logging in directly with usernames and passwords. This applies globally, so once enabled, any existing users will be required to log in with SSO as well as any new users added to your account.

The setup process is manual and just requires a few pieces of information to be exchanged, as detailed below.

Set up you need to perform in your identity provider

Copy and paste the following values into your system:

(note: these URLs do not return content if you visit them in the browser, they are simply used as unique identifiers)

3. SAML Attributes

You need to make sure the following SAML attributes are also provided:

- Email (with the key being exactly "Email" or "email")

Details you need to send us

Please send over the following 4 pieces of information to our support team at support@pi-datametrics.com and we’ll get you set up!

  1. Email domain e.g. my-domain.com.

All of your users must use the same email domain to be logged in using SSO

  1. Your Entity ID e.g. https://idp.my-domain.com
    A Unique identifier for the identity provider

  2. X.509 type certificate
    Used for validation of requests

  3. SAML URL e.g. https://idp.my-domain.com/sso/sign-in/
    Where users will be redirected to for the login process

Did this answer your question?