Single Sign On (SSO)
Front supports Single Sign On (SSO), which lets you choose the sign in method for your teammates.
Please click the links below to follow tutorials on setting up SSO with these specific providers:
Go into your Settings, select Preferences, and Single Sign On. Use the dropdown box to select SAML.
By selecting the SAML option, Front will automatically provide the values you need to add Front as a SAML 2.0 Service Provider to your Identity Provider:
- Entity ID: the identifier of our Service Provider.
- ACS URL: the URL of our Service Provider which will receive the SAML assertions.
- Name ID Format: the format of the name ID to use in SAML assertions.
- Encryption certificate: the certificate to encrypt SAML assertions.
Front will ask you to provide:
- Entry point: corresponding to your Identity Provider URL which will receive authentication requests.
- Signing certificate: to verify the signature of the responses received by our Service Provider.
This is currently the only option available to enable SSO in Front.
Which Azure Subscription would enable us to use Front's SSO?
All versions of AAD support SSO, the only difference would be the number of SSO integrations you can have on your side - 10 vs unlimited. You can find more information here. Once Front supports SCIM user provisioning that functionality would only be accessible on Azure's Premium 1 or Premium 2 plans.
I am trying to configure SAML on Front with my G Suite. In my first attempt it was failing to let anybody login. I suspect that the signing certificate had a problem in it but I was unable to edit this. I disabled SSO and then tried to reconfigure it. However, when I re-enable it, the field for providing the signing certificate is NOT editable. Any advice?