# SAML 2.0 Setup

To set up SAML integration you will need admin privileges in Sleuth and in your Identity Provider (IdP) system that supports SAML 2.0. Regardless of the specific IdP, the general setup process is roughly the same:

1. [**Gather Sleuth Service Provider (SP) Metadata.**](#gathering-sleuth-service-provider-metadata) This is the information you will need in order for your IdP to identify Sleuth as a trusted service provider.
2. [**Establish Sleuth as a trusted SP in your IdP.**](#establish-sleuth-as-a-trusted-service-provider) This step requires administrator privileges in your IdP.
3. [**Enter IdP metadata into Sleuth.**](#enter-idp-metadata-into-sleuth) Finalize communication configuration between Sleuth and IdP
4. [**Enable SAML login for users.**](#enable-saml-login)

To begin SAML configuration navigate to the "**Authentication**" tab under "**Organization settings**" and click "**Configure SAML Authentication**":

<figure><img src="https://2832637360-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M1bR_-Od0islbiOl4G0%2Fuploads%2FlSMOWARwvPzz8ZGLPKqd%2Fimage.png?alt=media&#x26;token=528a6ec3-b79f-4b57-ae7f-c4ebca826104" alt=""><figcaption></figcaption></figure>

## Gather Sleuth Service Provider Metadata

To view the Sleuth SAML metadata expand the "**Sleuth Service Provider data**" section by clicking on the title.

<figure><img src="https://2832637360-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M1bR_-Od0islbiOl4G0%2Fuploads%2FTg3DmzYCK8CNg6UeorY1%2Fimage.png?alt=media&#x26;token=cac57374-6cda-4532-a70e-ca54302f0f2d" alt=""><figcaption></figcaption></figure>

Once expanded, you can either **download the metadata XML file** (*if your IdP supports metadata file imports*) or **manually copy-paste these values** when setting up Sleuth as a trusted service provider within your IdP.

<figure><img src="https://2832637360-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M1bR_-Od0islbiOl4G0%2Fuploads%2FDSlfTd4tv64fecBU232V%2Fimage.png?alt=media&#x26;token=791b2d4b-c703-43f3-adf6-a58dc642b203" alt=""><figcaption></figcaption></figure>

## Establish Sleuth as a trusted Service Provider

To establish Sleuth as a trusted SP you will need information from the previous step and administrator privileges in your IdP.

This section includes instructions on how to configure your Identity Provider in order to enable the login:

* [Okta](https://help.sleuth.io/settings/organization/signup/saml/okta-configuration)
* [Azure AD](https://help.sleuth.io/settings/organization/signup/saml/azure-ad-configuration)

{% hint style="info" %}
Even if your Identity Provider is not specified in the list above, Sleuth is respecting the **SAML 2.0 standard** so you can integrate every Identity Provider that supports the standard.

Feel free to contact us at [**support@sleuth.io**](mailto:support@sleuth.io?subject=Need%20help%20setting%20up%20SAML) in case of any problems setting up the integration.
{% endhint %}

## Enter IdP metadata into Sleuth

To enter your IdP's metadata into Sleuth you will need information from the previous steps and administrator privileges in Sleuth.

This section includes instructions on how to configure Sleuth in order to enable the login with your selected IdP:

* [Okta](https://help.sleuth.io/settings/organization/signup/okta-configuration#enter-oktas-metadata-into-sleuth)
* [Azure AD](https://help.sleuth.io/settings/organization/signup/azure-ad-configuration#enter-azures-metadata-into-sleuth)

{% hint style="info" %}
Even if your Identity Provider is not specified on the list above, Sleuth is respecting the **SAML 2.0 standard** so you can integrate any Identity Provider that supports the standard.

Feel free to contact us at [**support@sleuth.io**](mailto:support@sleuth.io?subject=Need%20help%20setting%20up%20SAML) in case of any problems setting up the integration.
{% endhint %}

## Enable SAML login

Once you saved the configuration you will need to successfully log in using SAML before you can set it to be your only [allowed login method](https://help.sleuth.io/settings/organization/signup/..#allowed-login-methods).

1. Log out of Sleuth.
2. On the login page: enter your **email** and click "**Continue**".
3. Clicking on "**SAML**" will start the login process via your IdP.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.sleuth.io/settings/organization/signup/saml.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.