Skip to content
Start a Free 14-Day Trial

SAML Single Sign On (SSO)

Connect Apptoto to your identity provider using SAML so your team can log in with company credentials.

Apptoto supports SAML-based Single Sign-On (SSO) for Group accounts. SSO lets your team authenticate through your existing identity provider (such as Okta, Azure AD, or OneLogin) instead of managing separate Apptoto passwords.

Set up SAML

Section titled “Set up SAML”
  1. Go to SAML settings: Sign in as a Group Admin and navigate to Settings > Integrations > Developer Tools > SAML Single Sign-On (SSO). Configure SAML under Settings > Integrations > SML Single Sign-On (SSO)
  2. Copy your service provider details: This page shows the information you need to configure Apptoto as a service provider in your identity provider:
    • ACS URL: https://www.apptoto.com/saml/consume
    • Audience Restriction URL: apptoto.com/saml/consume
    • SSO Method: SP (Service Provider) Initiated
    • Unique User: Identifier: Email The SAML SSO tab will list configuration directions including your company's unique sign up and sign in links. You also see your account’s unique Sign Up and Sign In links.
  3. Configure your identity provider: In Okta, Azure AD, OneLogin, or your preferred identity provider, add Apptoto as a new application using the service provider details from the previous step.
  4. Enable SAML in Apptoto: Return to Settings > Integrations > SAML SSO and toggle SAML Enabled to On.
  5. Enter your SAML SSO URL and certificate: Paste your SAML SSO URL from your identity provider. Then paste your X.509 certificate in PEM format. Enable SAML SSO and add your SAML SSO URL and Certificate, and update settings
  6. Save Settings: Click Save SAML Settings.

Optional settings

Section titled “Optional settings”
  • Require SAML SSO: Toggle this on to require all users of your Group account to authenticate via SAML. Users can no longer log in with a password.
  • Provision new users: When enabled, Apptoto automatically creates an account for any new user who signs in via SAML, using the settings configured under Settings > Users.

Testing your SSO logins

Section titled “Testing your SSO logins”
  1. Find your Group Signup Page URL Go to Settings > Users tab and copy the Group Signup Page URL. Apptoto group signup page once SAML has been enabled.
  2. Open the URL in a new browser session: Paste the URL into a private or separate browser window. You should see a Sign in with SSO option. Once SAML is set up for a group account. the signup page will display an option to sign in with SAML SSO
  3. Authenticate: Click the SSO link and complete authentication through your identity provider. If successful, you are logged into your Apptoto account.

    If the email address you authenticate with does not yet exist in Apptoto, a new user account is created automatically (if provisioning is enabled).