Article author
  • Updated


AppFollow uses SAML 2.0 Compliant Version to provide a Single Sign-On option. AppFollow performs as a service provider (SP), and your internal SSO service as an identity provider (IdP).

Set up SAML 2.0

IdP configuration:

Configure these parameters in your IdP service:

  1. ACS URL:
  2. SP Entity ID:
  3. RelayState: the email associated with AppFollow owner
  4. Additional SAML attributes configuration:
  • Email: user's email
  • FirstName: user’s first name
  • LastName: user’s last name

After configuring the parameters above your SSO-service should generate your  IdP URL, IdP Entity ID and x.509 Public Certificate.

I Can’t Configure the RelayState in My SSO Service

If your service doesn’t have a field for RelayState, you might have a field called “Target Url”. You can pass RelayState through it like this:{{the email associated with AppFollow owner}}

Example of TargetUrl:

In “Advanced settings”, you need to find the option “Send RelayState without URL encoding” and turn it on.

SP Configuration in AppFollow

Save the following parameters in the AppFollow SSO settings:

  • Entity ID: IdP Entity ID *if your service doesn’t provide IdP Entity ID - then copy the value of IdP URL here*
  • SAML SSO URL: IdP URL that was generated by your SSO service
  • Public Certificate: Your x.509 certificate
You can only get these parameters after setting up your IdP.

Was this article helpful?

0 out of 0 found this helpful