- What is SAML SSO?
- Option to Require Login by SSO
- Configuration in Lofty
- Identity Provider (IdP) Setup
What is SAML SSO?
Pre-requisites for SSO with Lofty
Your Identity Provider (IdP) must support the SAML 2.0 standard.
Only Lofty users with the permission "Manage User/Entire Company" enabled can configure SAML SSO for Lofty. SSO is only valid for Enterprise and Multi-team packages.
Benefits of SSO
Streamlines user management across systems for team owners/admins.
Removes the need for end-users to remember and manage multiple passwords. Simplifies end user's experience by allowing them to sign in at one single access point and enjoy a seamless experience across multiple applications.
Option to Require Login by SSO
The login method setting provides an option that requires all Lofty users to sign into their Lofty account, both website and mobile app, using Single Sign On (SSO). By default, if you have already set up SSO for your Lofty account, the Login Method will be set to Any Method.
The permission to enable SSO is called the SSO Setting. You must have this permission enabled in order to enable or disable the SSO requirement.
Configuration in Lofty
To configure Single Sign On in your Lofty account, follow these steps:
- Navigate to the CMS tool. Within the Settings, select SSO Configuration
- Toggle the setting On to get started
- Set Application in SSO Third Party: SSO URL and SP Entity ID. Copy and paste it to your Identity Provider (IdP)
- SAML identification: An IDP metadata XML needs to be uploaded. For more information on where to obtain this file, please refer to the IDP Setup below.
After you complete the SAML SSO configuration, the users in your team can log in to Lofty via SAML SSO or through their original Lofty account.
Identity Provider (IdP) Setup
- Sign in to your Admin counsel at https://admin.google.com/.
- From the Admin console Home page, go to Apps > Web and mobile apps.
- Click Add App > Add custom SAML app.
- In Lofty, go to the Settings-->SSO Setting
- Copy the SSO URL and SP Entity ID from Set Application in SSO Third Party.
- Paste to the corresponding fields.
4. Map the primary email to the email in-app attributes
5. Turn on the service
Step 3: Configure SAML Settings in Lofty
1. Download SAML Metadata
2. Upload SAML Metadata to Lofty and turn on the switch
3. Turn on the SSO switch
Step 1: Add Lofty to Okta's application
1. Log in to Okta. Make sure you are in the administrative instance of your Okta developer account.
2. Go to the Application tab, click Create App Integration
3. Click "Create New App"
4. Select Web as your platform and SAML 2.0 as your Sign-in method then click "Next".
2. Copy the SSO URL and SP Entity ID from the Set Application in SSO Third Party.
If you have any questions regarding this topic or any others, please reach out to our Support Team via email at <firstname.lastname@example.org>, by phone at 1 (855) 981-7557, or by a chat with us through your Lofty CRM.