Available for: Enterprise, Business plans
Set up by: Company Admins
It is strongly recommended to configure the SSO in a separate incognito mode window of your browser. This way you keep the session in the standard window, allowing you to switch off the SSO authorization in case something is configured incorrectly.
If you wish to set up a test instance before enabling SSO on production, please request it with your Account Executive or Sales representative. Only those who configure SSO will be added to this test instance.
Our main SSO tutorial can be seen here. The instruction by Google can be found here.
Setting up Google
Adding and configuring the app
-
From the Admin console Home page, go to Apps > Web and mobile apps.
- Click Add App > Add custom SAML app.
- On the App Details page enter the name of the app, for example simply Miro. You may also upload an app icon (optional).
- In the Service Provider Details section, fill out the fields:
ACS URL - https://miro.com/sso/saml
Entity ID - https://miro.com
Start URL - leave empty
Signed response - leave unsigned
Name ID format - set as EMAIL.
Required app configuration
User Credentials (Claim Types)
In the SAML attribute mapping section set the attributes that will define your end-user's Username in Miro. Miro will accept the FirstName and LastName pair (or the DisplayName instead - for that see Optional settings).
Attributes configuration
As a final step switch the app ON for some or all your users:
Enabling the app for the users
As a result your configuration should look something like this:
Finished configuration
Setting up Miro
On the Google Identity Provider details page, get the SSO URL link in the Download Metadata section. Open your Miro Company settings > Enterprise Integrations > SSO and fill out the parameters like so:
- Copy the SSO URL and add it to the Miro's SAML Sign-in URL field
- Download the Certificate, open the file in a text editor and copy and paste the value in the Key x509 Certificate field
As a final step of the Miro settings add your domains and verify them. You may also configure the optional settings. After enabling Google SSO, end-users need to log out of their Google account and log back in to be able to sign in to Miro.
If you meet any issues, please check out our list of common cases and how to resolve them and the Google troubleshooting page.