Envoy

___________________________________________________________

Different IDPs may have different names for the same field. For example, Microsoft Entra uses the term Thumbprint, while Envoy uses the term Fingerprint. These values refer to the same value.

Go to <a href="https://dashboard.envoy.eu/apps/directory-and-sso" target="_blank" rel="nofollow noopener noreferrer">Apps &gt; Directory and SSO.</a>

Enter the fingerprint from your IdP in the Fingerprint field.

1. Microsoft Entra uses the term Thumbprint.


1. Go to <a href="https://dashboard.envoy.eu/apps/directory-and-sso" target="_blank" rel="nofollow noopener noreferrer">Apps &gt; Directory and SSO.</a>
2. Go to Directory Settings
3. Locate SAML and click Install.

4. Enter the fingerprint from your IdP in the Fingerprint field.
 
 1. Microsoft Entra uses the term Thumbprint.

If you'd like to configure SAML as required, we recommend first setting up SAML as optional and testing with a small group of users. Once you're sure SAML is working properly for your users, switch it to required.

Go to <a href="https://dashboard.envoy.eu/employees/integrations" target="_blank" rel="nofollow noopener noreferrer">Apps &gt; Directory and SSO</a>.

Toggle “Required” to the “on” position.

1. Go to <a href="https://dashboard.envoy.eu/employees/integrations" target="_blank" rel="nofollow noopener noreferrer">Apps &gt; Directory and SSO</a>.
2. Locate SAML and click Configure.
3. Toggle “Required” to the “on” position.

Global admins will always be able to authenticate with a password regardless of if requiring SAML is on or off.

You can connect Envoy to any SSO provider with SAML 2.0. We’ve provided guides for a few common IdPs:

<a href="http://saml-doc.okta.com/SAML_Docs/How-to-Configure-SAML-2.0-for-Envoy.html" target="_blank" rel="nofollow noopener noreferrer">SSO for Envoy via Okta</a>

<a href="https://onelogin.service-now.com/support?id=kb_article&amp;sys_id=12999903db109700d5505eea4b961959" target="_blank" rel="nofollow noopener noreferrer">SSO for Envoy via OneLogin</a>

<a href="https://envoy.help/en/articles/3453335-microsoft-azure-active-directory-integration#h_ea87c619a2" target="_blank" rel="nofollow noopener noreferrer">SSO for Envoy via Microsoft Entra Active Directory</a>

<a href="http://envoy.help/en/articles/4712320-sso-for-envoy-via-microsoft-active-directory" rel="nofollow noopener noreferrer" target="_blank">SSO for Envoy via Microsoft Active Directory</a>

<a href="https://support.google.com/a/answer/7652435?hl=en?hl=en#zippy=" target="_blank" rel="nofollow noopener noreferrer">SSO for Envoy via Google Workspace</a>

- <a href="http://saml-doc.okta.com/SAML_Docs/How-to-Configure-SAML-2.0-for-Envoy.html" target="_blank" rel="nofollow noopener noreferrer">SSO for Envoy via Okta</a>
- <a href="https://onelogin.service-now.com/support?id=kb_article&amp;sys_id=12999903db109700d5505eea4b961959" target="_blank" rel="nofollow noopener noreferrer">SSO for Envoy via OneLogin</a>
- <a href="https://envoy.help/en/articles/3453335-microsoft-azure-active-directory-integration#h_ea87c619a2" target="_blank" rel="nofollow noopener noreferrer">SSO for Envoy via Microsoft Entra Active Directory</a>
- <a href="http://envoy.help/en/articles/4712320-sso-for-envoy-via-microsoft-active-directory" rel="nofollow noopener noreferrer" target="_blank">SSO for Envoy via Microsoft Active Directory</a>
- <a href="https://support.google.com/a/answer/7652435?hl=en?hl=en#zippy=" target="_blank" rel="nofollow noopener noreferrer">SSO for Envoy via Google Workspace</a>

Enabling SAML for Envoy

(Optional) Set SAML to required

Configuring SAML for common IdPs