Set up by: Company Admins
It is strongly recommended to configure the SSO in a separate incognito mode window of your browser. This way you keep the session in the standard window, allowing you to switch off the SSO authorization in case something is configured incorrectly.
If you wish to set up a test account before enabling SSO on production, please request it with your Account Executive or Sales representative. Only those who configure SSO will be added to this test account.
Setting up Google
Adding and configuring the app
From the Admin console Home page, go to Apps > Web and mobile apps.
- Click Add App > Add custom SAML app.
- On the App Details page enter the name of the app, for example simply Miro. You may also upload an app icon (optional).
- In the Service Provider Details section, fill out the fields:
ACS URL - https://miro.com/sso/saml
Entity ID - https://miro.com/
Start URL - leave empty
Signed response - leave unsigned
Name ID format - set as EMAIL.
Required app configuration
User Credentials (Claim Types)
In the SAML attribute mapping section set the attributes that will define your end-user's Username in Miro. Miro will accept the FirstName and LastName pair (or the DisplayName instead - for that see Optional settings).
As a final step switch the app ON for some or all your users:
Enabling the app for the users
As a result your configuration should look something like this:
Setting up Miro
On the Google Identity Provider details page, get the setup information. Open your Miro account's settings > Enterprise Integrations > SSO and fill out the parameters like so:
- Copy the SSO URL and add it to the Miro's SAML Sign-in URL field
- Download the Certificate, open the file in a text editor and copy and paste the value in the Key x509 Certificate field
You're all set and now your users will be able to authenticate in Miro via SSO!