This guide explains the settings you need to configure SAML with your Identity Provider (IdP). Once configured, obtain the IdP's XML metadata file and use it to configure SAML in Formbricks.
Note: Please do not add a trailing slash at the end of the URLs. Create them exactly as shown below.

- Assertion consumer service URL / Single Sign-On URL / Destination URL: `https://app.formbricks.com/api/auth/saml/callback`
- Entity ID / Identifier / Audience URI / Audience Restriction: `https://saml.formbricks.com`
- Response: Signed
- Assertion Signature: Signed
- Signature Algorithm: RSA-SHA256
- Assertion Encryption: Unencrypted
- NameID Format: EmailAddress
- Application username: email

Mapping Attributes / Attribute Statements:
If your IdP has a `name` claim, set the following claims to populate the name field:

Name | Name Format | Value |
---|---|---|
name | Basic | user.name |

`name` claim. If not, you can use different claims to populate the name field. The order of precedence is `name` -> other options -> `email`.

Other options:

Name | Name Format | Value |
---|---|---|
firstName | Basic | FIRST_NAME_EQUIVALENT |
lastName | Basic | LAST_NAME_EQUIVALENT |

IdP | FIRST_NAME_EQUIVALENT | LAST_NAME_EQUIVALENT |
---|---|---|
Okta | user.firstName | user.lastName |
Microsoft Entra ID (Azure AD) | user.givenName | user.surname |
Google Workspace | user.given_name / user.firstName | user.family_name / user.lastName |
OneLogin | user.FirstName / user.first_name | user.LastName / user.last_name |
Auth0 | user.given_name | user.family_name |
JumpCloud | user.firstname | user.lastname |

Create an application with your SAML provider

1. Click on Create App Integration
2. Select SAML 2.0 in the modal form, and click Next
3. Fill the general settings as shown and click Next
4. Enter the SAML Integration Settings as shown and click Next
   - Single Sign-On URL: `https://<your-formbricks-instance>/api/auth/saml/callback` or `http://localhost:3000/api/auth/saml/callback` (if you are running Formbricks locally)
   - Audience URI: `https://saml.formbricks.com`
5. Fill the fields mapping as shown and click Next
6. Check the internal app checkbox and click Finish
7. Check that the app is created successfully
8. Click on the app and head over to the Assignments tab
9. Click on the Assign button and select Assign to People
10. Select the users you want to assign the app to and click Assign
11. Head over to the Sign On tab and click on the 'view SAML setup instructions' button
12. Scroll to the bottom and copy the IdP metadata
13. Copy the IdP metadata and paste it in the `connection.xml` file in the `formbricks/saml-connection` directory (use `formbricks/apps/web/saml-connection` for development)