SAML SSO Integration
Sundial supports single sign-on (SSO) through SAML 2.0, so your team can log in with your existing identity provider (IdP). Pick your provider below for step-by-step setup instructions.
Supported identity providers
- Microsoft Entra (formerly Azure AD)
- Okta
- Ping Identity
- Google SSO
Common values
These values are the same across every provider. You will be asked for them while creating the SAML application in your IdP.
| Field | Value |
|---|---|
| ACS / Reply / Single sign-on URL | https://sundial-fe060.firebaseapp.com/__/auth/handler |
| Entity ID / Audience URI (SP Entity ID) | Sundial |
| Application Base URL (optional) | https://app.sundial.so/ |
Username / Name ID must be email
Across all providers, set the application username / Name ID format to email. Sundial matches users by email address, so this must resolve to the user's primary email.
What to send back to Sundial
To complete the integration, share the following with the Sundial team (via a secure channel) once your SAML app is configured:
| Provider | What to share |
|---|---|
| Microsoft Entra | Certificate (Base64), Login URL, Microsoft Entra Identifier |
| Okta | Embed Link (SSO URL) and IdP metadata (entity ID + signing certificate) |
| Ping Identity | Initiate Single Sign-On URL, downloaded metadata, signing certificate |
| Google SSO | Downloaded IdP metadata file |
Need help?
If you run into any issues during setup, reach out to the Sundial team at support@sundial.so.
Still have questions?
Write to support@sundial.so