Requirements and Limitations<\/i><\/a><\/h2>\n\n\n\nIn order to setup single sign-on you have to have a working identity provider. It needs to comply to the either of the following standards:<\/p>\n\n\n\n
\n- OpenID Connect<\/li>\n\n\n\n
- SAML V2.0<\/li>\n<\/ul>\n\n\n\n
Required Information<\/a><\/i><\/a><\/h3>\n\n\n\nTo configure our alfaview service provider we need the following information from you:<\/p>\n\n\n\n
\n- the endpoint of your identity provider (e. g.
https:\/\/idp.example.com\/redirect<\/code>)\n\n- if available: test accounts and an additional testing identity provider endpoint<\/li>\n<\/ul>\n<\/li>\n\n\n\n
- if you have a SAML-based identity provider: the URL to your identity provider’s metadata XML file<\/li>\n\n\n\n
- the identity claims or attribute mapping of your identity provider\u2019s SAML\/OIDC response\n
\n- required: user\u2019s first name, last name and display name<\/li>\n\n\n\n
- optional: user group attribute if you want to use group based permission management<\/a> in alfaview<\/li>\n<\/ul>\n<\/li>\n\n\n\n
- your desired login domain from where your users will start the single sign-on process (example:
my-company.alfaview.com<\/code>)<\/li>\n<\/ul>\n\n\n\nLimitations<\/i><\/a><\/h3>\n\n\n\n\n- Your identity provider\u2019s SAML XML signature needs to be signed using the SHA256 algorithm. If you have no information about the signing algorithm used, we can try to help you finding it out.<\/li>\n\n\n\n
- We do not support identity provider initiated SAML V2.0. But we can provide a start link that initiates the alfaview login by redirecting to your identity provider\u2019s login page<\/li>\n\n\n\n
- The login domain will be hosted by alfaview.<\/li>\n<\/ul>\n\n\n\n
Compatible Identity Providers<\/a><\/i><\/a><\/h3>\n\n\n\nHere is a list of identity providers that were successfully configured and are proven to work with alfaview:<\/p>\n\n\n\n
\n- GitLab \u2013 based on OpenID Connect<\/li>\n\n\n\n
- Google Work \u2013 based on SAML V2.0<\/li>\n\n\n\n
- Shibboleth \u2013 based on SAML V2.0<\/li>\n<\/ul>\n\n\n\n
Setup Process<\/i><\/a><\/h2>\n\n\n\nIf you are interested in using Single Sign-On, use our contact form<\/a> to get in touch with us.<\/p>\n\n\n\n\n- Contact form<\/a><\/li>\n<\/ul>\n\n\n\n
Manage groups for single sign-on authentication users<\/i><\/a><\/h2>\n\n\n\n\n\nUsers that use single sign-on (SSO) to authenticate with alfaview can be assigned to groups in the external Identity provider (IdP). These groups can be mapped to groups with specific permissions in alfaview and can be assigned to alfaview rooms and departments. This helps in managing large numbers of users in alfaview.<\/p>\n<\/div>\n\n\n\n
\n![\"Screenshot](\"https:\/\/support.alfaview.com\/wp-content\/uploads\/2025\/11\/alfaview_sso_manage-groups_en.png\")
<\/a>Manage groups<\/figcaption><\/figure>\n<\/div><\/div>\n<\/div>\n\n\n\n\nTo configure this setting, you will need the permission to manage company settings<\/strong>. Additionally, the company needs to have its own custom subdomain to access this feature.<\/p>\n<\/div>\n\n\n\nCreating groups<\/a><\/i><\/a><\/h3>\n\n\n\nIn the administration interface<\/a>, navigate to account management > Manage groups. Click
Required Information<\/a><\/i><\/a><\/h3>\n\n\n\nTo configure our alfaview service provider we need the following information from you:<\/p>\n\n\n\n
\n- the endpoint of your identity provider (e. g.
https:\/\/idp.example.com\/redirect<\/code>)\n\n- if available: test accounts and an additional testing identity provider endpoint<\/li>\n<\/ul>\n<\/li>\n\n\n\n
- if you have a SAML-based identity provider: the URL to your identity provider’s metadata XML file<\/li>\n\n\n\n
- the identity claims or attribute mapping of your identity provider\u2019s SAML\/OIDC response\n
\n- required: user\u2019s first name, last name and display name<\/li>\n\n\n\n
- optional: user group attribute if you want to use group based permission management<\/a> in alfaview<\/li>\n<\/ul>\n<\/li>\n\n\n\n
- your desired login domain from where your users will start the single sign-on process (example:
my-company.alfaview.com<\/code>)<\/li>\n<\/ul>\n\n\n\nLimitations<\/i><\/a><\/h3>\n\n\n\n\n- Your identity provider\u2019s SAML XML signature needs to be signed using the SHA256 algorithm. If you have no information about the signing algorithm used, we can try to help you finding it out.<\/li>\n\n\n\n
- We do not support identity provider initiated SAML V2.0. But we can provide a start link that initiates the alfaview login by redirecting to your identity provider\u2019s login page<\/li>\n\n\n\n
- The login domain will be hosted by alfaview.<\/li>\n<\/ul>\n\n\n\n
Compatible Identity Providers<\/a><\/i><\/a><\/h3>\n\n\n\nHere is a list of identity providers that were successfully configured and are proven to work with alfaview:<\/p>\n\n\n\n
\n- GitLab \u2013 based on OpenID Connect<\/li>\n\n\n\n
- Google Work \u2013 based on SAML V2.0<\/li>\n\n\n\n
- Shibboleth \u2013 based on SAML V2.0<\/li>\n<\/ul>\n\n\n\n
Setup Process<\/i><\/a><\/h2>\n\n\n\nIf you are interested in using Single Sign-On, use our contact form<\/a> to get in touch with us.<\/p>\n\n\n\n\n- Contact form<\/a><\/li>\n<\/ul>\n\n\n\n
Manage groups for single sign-on authentication users<\/i><\/a><\/h2>\n\n\n\n\n\nUsers that use single sign-on (SSO) to authenticate with alfaview can be assigned to groups in the external Identity provider (IdP). These groups can be mapped to groups with specific permissions in alfaview and can be assigned to alfaview rooms and departments. This helps in managing large numbers of users in alfaview.<\/p>\n<\/div>\n\n\n\n
\n<\/a>Manage groups<\/figcaption><\/figure>\n<\/div><\/div>\n<\/div>\n\n\n\n\nTo configure this setting, you will need the permission to manage company settings<\/strong>. Additionally, the company needs to have its own custom subdomain to access this feature.<\/p>\n<\/div>\n\n\n\nCreating groups<\/a><\/i><\/a><\/h3>\n\n\n\nIn the administration interface<\/a>, navigate to account management > Manage groups. Click
https:\/\/idp.example.com\/redirect<\/code>)\n\n- if available: test accounts and an additional testing identity provider endpoint<\/li>\n<\/ul>\n<\/li>\n\n\n\n
- if you have a SAML-based identity provider: the URL to your identity provider’s metadata XML file<\/li>\n\n\n\n
- the identity claims or attribute mapping of your identity provider\u2019s SAML\/OIDC response\n
\n- required: user\u2019s first name, last name and display name<\/li>\n\n\n\n
- optional: user group attribute if you want to use group based permission management<\/a> in alfaview<\/li>\n<\/ul>\n<\/li>\n\n\n\n
- your desired login domain from where your users will start the single sign-on process (example:
my-company.alfaview.com<\/code>)<\/li>\n<\/ul>\n\n\n\nLimitations<\/i><\/a><\/h3>\n\n\n\n\n- Your identity provider\u2019s SAML XML signature needs to be signed using the SHA256 algorithm. If you have no information about the signing algorithm used, we can try to help you finding it out.<\/li>\n\n\n\n
- We do not support identity provider initiated SAML V2.0. But we can provide a start link that initiates the alfaview login by redirecting to your identity provider\u2019s login page<\/li>\n\n\n\n
- The login domain will be hosted by alfaview.<\/li>\n<\/ul>\n\n\n\n
Compatible Identity Providers<\/a><\/i><\/a><\/h3>\n\n\n\nHere is a list of identity providers that were successfully configured and are proven to work with alfaview:<\/p>\n\n\n\n
\n- GitLab \u2013 based on OpenID Connect<\/li>\n\n\n\n
- Google Work \u2013 based on SAML V2.0<\/li>\n\n\n\n
- Shibboleth \u2013 based on SAML V2.0<\/li>\n<\/ul>\n\n\n\n
Setup Process<\/i><\/a><\/h2>\n\n\n\nIf you are interested in using Single Sign-On, use our contact form<\/a> to get in touch with us.<\/p>\n\n\n\n\n- Contact form<\/a><\/li>\n<\/ul>\n\n\n\n
Manage groups for single sign-on authentication users<\/i><\/a><\/h2>\n\n\n\n\n\nUsers that use single sign-on (SSO) to authenticate with alfaview can be assigned to groups in the external Identity provider (IdP). These groups can be mapped to groups with specific permissions in alfaview and can be assigned to alfaview rooms and departments. This helps in managing large numbers of users in alfaview.<\/p>\n<\/div>\n\n\n\n
\n<\/a>Manage groups<\/figcaption><\/figure>\n<\/div><\/div>\n<\/div>\n\n\n\n\nTo configure this setting, you will need the permission to manage company settings<\/strong>. Additionally, the company needs to have its own custom subdomain to access this feature.<\/p>\n<\/div>\n\n\n\nCreating groups<\/a><\/i><\/a><\/h3>\n\n\n\nIn the administration interface<\/a>, navigate to account management > Manage groups. Click