> ## Documentation Index
> Fetch the complete documentation index at: https://docs.allium.so/llms.txt
> Use this file to discover all available pages before exploring further.

# SSO / SAML Setup

> Set up Single Sign-On (SSO) for Allium using your identity provider (IdP) via SAML.

Enable Single Sign-On for your organization to allow team members to authenticate using your identity provider credentials.

## Setup Process

<Steps>
  <Step title="Create a SAML Application in Your IdP">
    In your IdP's admin dashboard, create a new SAML 2.0 application/integration.
  </Step>

  <Step title="Configure SAML Details">
    When prompted for SAML configuration details, enter the following values:

    | Field                            | Value                                                     |
    | :------------------------------- | :-------------------------------------------------------- |
    | **Single sign-on URL (ACS URL)** | `https://allium-firebase.firebaseapp.com/__/auth/handler` |
    | **Entity ID (Audience URI)**     | `https://app.allium.so`                                   |

    <Warning>
      **Important:** Do not include a trailing slash in the SSO URL or Entity ID.
    </Warning>
  </Step>

  <Step title="Complete IdP Setup">
    Complete your IdP's setup flow to finalize the application configuration.

    <Tip>
      If your IdP supports it, you can restrict access by assigning specific groups or users to the application.
    </Tip>
  </Step>

  <Step title="Locate Your SAML Metadata">
    After the application is created, your IdP will provide the following values (often available under **SAML Setup Instructions**, **Metadata**, or **Configuration**):

    | Field                                    | Description                            |
    | :--------------------------------------- | :------------------------------------- |
    | **Identity Provider Single Sign-On URL** | Also called Login URL or SAML Endpoint |
    | **Identity Provider Issuer**             | Sometimes called Entity ID             |
    | **X.509 Certificate**                    | Public certificate for SAML signing    |
  </Step>

  <Step title="Navigate to Allium SSO Settings">
    In Allium, go to [**Team Settings → SSO Setup**](https://app.allium.so/settings/team).

    <Frame>
      <img src="https://mintcdn.com/allium-e770e2b7/inPsOvt9D5HavfbV/images/sso-settings.png?fit=max&auto=format&n=inPsOvt9D5HavfbV&q=85&s=6906bfb29cf21663fe023f038fc5190f" alt="Allium SSO setup page" width="1536" height="1030" data-path="images/sso-settings.png" />
    </Frame>
  </Step>

  <Step title="Enter SAML Configuration">
    Paste each of the three values from your IdP into the matching fields in Allium.
  </Step>

  <Step title="Save and Test">
    Save your changes to complete the SSO setup.
  </Step>
</Steps>

<Note>
  **Success!** Once configured, your organization members can sign in to Allium using your IdP credentials.
</Note>