Skip to main content
SSO: SAML 2.0 <> Tesorio Setup

Tesorio supports all SSO providers that use SAML 2.0. This article reviews how to configure SSO for those providers.

Updated over 3 weeks ago

In this article:

Overview

Tesorio supports SAML 2.0 for Single Sign-On (SSO) authentication, enabling customers to integrate with virtually any major SSO provider. This allows your organization to leverage centralized user authentication and streamline the login process across multiple systems.

To enable SSO for your Tesorio account, the feature must be activated by your Customer Success Manager


Step 1: Configure Tesorio in your SSO

Once SSO is enabled for your Tesorio account, you’ll need to configure Tesorio as a service provider in your SSO provider’s admin portal. Below are the details you need to provide to your SSO administrator:

Property

Value

ACS URL

Entity ID

Name ID Format

EMAIL

Name ID

Basic Information > Primary Email

Step 2: Provide Metadata to Tesorio

Next you will need to share the metadata with Tesorio. There are two options for this:

  1. Metadata URL (Self-Service): Provide us with the URL directly via the Tesorio SSO integration page

  2. Metadata XML (Manual Submission): Send a metadata XML file to your Customer Success Manager to process.

Step 3: Access Tesorio’s SSO Login Page

Once your SSO integration is configured, users will be able to log in to Tesorio using SSO.

Tesorio currently supports SP-initiated SSO logins, which means users must first go to the Tesorio SSO login page and enter their email address.

Alternatively, you can find the SSO login page from https://dashboard.tesorio.com/login/ and selecting to login via Single Sign-On.

The user is then redirected to their SSO provider for authentication. Once authenticated, they will be redirected back to Tesorio and logged in automatically.

Tesorio does not support IDP-initiated SSO logins meaning users cannot log in to Tesorio directly from their SSO provider's dashboard.

Did this answer your question?