All Collections
Announcements and Changelog
Changelog
Setting up single sign-on (SSO) with AnnounceKit
Setting up single sign-on (SSO) with AnnounceKit

A seamsless and secure access solution for your team!

Updated over a week ago

Single Sign-On (SSO) simplifies user authentication by allowing AnnounceKit users to log in using a single set of credentials. With SSO, you can enhance security and provide a seamless login experience for your coworkers. This guide will help you configure SSO with AnnounceKit.

How to get started with Single Sign-On?

To get started with setting up SSO for your coworkers, please go to your Settings > Team and click on Single Sign-On below the Team window.

Step 1: Configure Your Identity Provider

  1. Access SAML2-based SSO: AnnounceKit supports SAML2-based SSO. You can use various Identity Providers (IDPs) like Okta, Bitium, OneLogin, Centrify, or even GSuite as your identity provider. These IDPs allow you to define access rules and delegate application access.

  2. Enter the Following Information: Depending on your IDP, you'll need to enter specific information into your identity provider settings.



    For GSuite, look for the following fields and enter them respectively:

    • ACS URL: https://example.com/saml/assert

      This means that ACS URL will be placed in the SSO URL section

    • Entity ID: https://example.com/saml/metadata.xml

      Entity ID will be placed in the Audience URL section



Step 2: Gather Information from Your Identity Provider

  1. Retrieve the Following Details: Your identity provider will provide information that you need to fill out in your AnnounceKit settings.




    For GSuite, you should enter the following:

    • Endpoint for the Certificate SSO URL: https://example-idp.com/saml2

      This means that your GSuite Certificate SSO URL will be entered in the SAML 2.0 Endpoint section.

    • X.509 Certificate: You can download the certificate as a text file.

      Your Gsuite X.509 certificate should be downloadable as a text file. You should paste the certificate code under the Public Certificate section.

    -----BEGIN CERTIFICATE----- 

    CERTIFICATE DETAILS HERE

     -----END CERTIFICATE-----

Step 3: Enable Seamless Login

After completing the first two steps, the final step will be revealed.

You'll immediately see a login link for your teammates to use.

Domain Verification: For a seamless login experience, you can verify your domain name. After verification, any email address on this domain will automatically use the SSO integration, eliminating the need for password authentication.

  • Domain to Verify: example.com

  • For verification, add the following TXT record to your DNS:

    TXT "announcekit-verify=example-verification-key"

By following these steps, you can set up Single Sign-On (SSO) for AnnounceKit, making it easier for your coworkers to log in securely and efficiently.

Did this answer your question?