Available for: Business Plan, Enterprise Plan
Set up by: Company Admins
It is strongly recommended to configure the feature in a separate incognito mode window of your browser. This way you keep the session in the standard window, allowing you to switch off the SSO authorization in case something is configured incorrectly.
If you wish to set up a test instance before enabling SSO on production, please request it with your Account Executive or Miro Sales representative. Only those who configure SSO will be added to this test instance.
Creating the Miro application within your tenant
- Create the application in your Applications list.
Auth0 Applications section - Select Regular Web Applications application type.
Application types list - Head over to the Settings tab and make sure that the options listed are selected exactly the way as described below.
Token Endpoint Authentication Method POST Application Login URI - Click Show Advanced Settings:
and then go to Certificates and Copy your x509 Signing Certificate:
Advanced Settings tab in Auth0 - Switch to Miro and open your SSO settings (Business plan Admins will find the settings in the Security tab, Enterprise plan Admins will need to go to Enterprise integrations tab) and then paste the x509 Signing Certificate in the respective field as shown on the screenshot below:
Miro Security tab with SAML settings
Setting SAML for the application
- Go back to the Auth0 application configuration page and choose the Addons tab and the SAML2 addon:
Auth0 add-ons catalog
You will see a pop-up window with the request settings and Application Callback URL:
Addon Settings tab - Make sure that the URL is set to https://miro.com/sso/saml
The request Settings should be set to the following:
{
"nameIdentifierFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"nameIdentifierProbes": [
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
]
} - Switch the tabs to Usage and copy the Identity Provider Login URL:
Identity Provider Login URL field in Auth0 - Switch to Miro again and paste the URL to SAML Sign-in URL field.
- Click Save for the settings to be applied to your Miro plan.
Checking the configuration
You can now go back to Auth0 console and switch back to the Settings tab of the addon. Click Debug to trigger the login attempt.
Triggering the login attempt
This will initiate the IdP login attempt and will allow you to see the results.
In case of any difficulties - feel free to contact our Support Team.
Testing SSO configuration in Miro
- Complete the steps above to configure your SSO settings.
- Click the Test SSO configuration button.
- Review the results:
- If no issues are found, a confirmation message SSO configuration test was successful will be displayed.
- If issues are found, a confirmation message SSO configuration test failed will be displayed, followed by detailed error messages to guide you on what needs to be fixed.
Testing SSO configuration in Miro