User Guide

Operation Guide for the Administrator

Configuring Single Sign-On (SAML SP) that Uses External Service Accounts

To use SAML-based single sign-on, it is necessary to configure the appropriate settings on the ID provider side.

Here, we explain how to configure the ID provider using Microsoft Entra ID, HENNGE ONE, and Okta as examples.

For information on how to configure other ID providers, refer to their official websites.

Screen examples of the ID provider may not be up-to-date.

The following is the format of the certificate required for SAML coordination:

  • File format: X.509 certificate in the PEM format
  • Public key encryption format: RSA (Key length must be 2048 bits or more. We recommend 3072 bits or more.)
  • Signature hash algorithm: SHA-256 *1
  • Maximum file size: 1 MB
*1 You can register a certificate with a different hash algorithm, but you cannot use it for SAML-based login.

Configuring Single Sign-On on Microsoft Entra ID

Configuring Single Sign-On on HENNGE ONE

Configuring Single Sign-On Settings at Okta

Configuring SAML Coordination Settings at This Site

Updating the Certificate