API Reference
Guides

Single Sign On

Nanonets currently supports Single Sign On feature for a few Identity Providers out of the box. We can always add new Identity Providers basis your request.

Objective of this guide

Users from customer's company should be able to log in using their company credentials on Nanonets.

What is SSO and how does it work?

SSO or Single Sign-on is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials. 

SSO works based upon a trust relationship set up between an application and an identity provider. This trust relationship is often based upon a certificate that is exchanged between the identity provider and the service provider. This certificate can be used to sign identity information that is being sent from the identity provider to the service provider so that the service provider knows it is coming from a trusted source. In SSO, this identity data takes the form of tokens which contain identifying bits of information about the user like a user’s email address or a username.

SSO Setup

Note that there are some components in the SSO setup that are manual, hence you will need to share this data with your Nanonets Sales/Customer Success representative.

Details you will need from Nanonets

Recipients Url / Replay Url / ACS Url :- https://app.nanonets.com/saml/acs
Audience Url / EntityId :- https://app.nanonets.com/saml/metadata

Different Identity Providers (IDPs) might use different naming conventions for the URLs. Here are some examples:

  • Recipients Url / Replay Url / ACS Url can also be referred to as:
    • Assertion Consumer Service URL
    • Destination URL
    • Post-back URL
  • Audience Url / EntityId can also be referred to as:
    • SP Entity ID
    • Audience Restriction
    • Audience URI

Kindly share these details with your IT team to share the following info with us.

Requirements from the customers

  • Identity Provider (IdP) XML metadata file
  • Payload structure in the callback after authentication, containing the user's email ID.

Nanonets SAML xml Files:

  • The files have been added as an attachment in this article.

Login Process Overview

Once you have done the setup for your Identity provider, you can use this guide to login. In order to login via SSO, there is a separate login page with following url:

SSO URL:

https://app.nanonets.com/#/signupsso

  • A user needs to enter the company email as an initial step on this screen

  • They will then be redirected to the organisation's page where they will enter their password. Once the user is authenticated, they will be redirected back to Nanonets.

  • Account will be created on Nanonets with the company email.

*SSO is available only as an enterprise feature and customers need to reach out to Sales / respective Customer Success Manager for enabling it.

Updated 2 days ago