Login with SAML
SAML (Security Assertion Markup Language) is an XML-based open standard used for exchanging authentication and authorization data between parties.
This guide will walk you through the steps required to set up SAML Single Sign-On (SSO) with Ory Network using BoxyHQ as your SAML provider.
Prerequisites
Before proceeding, ensure you have the following:
- Access to Ory Network
- An active account with BoxyHQ
- Ory CLI
SAML integration in Ory Network uses the B2B Organization feature which is available on the Ory Network Growth plan. Reach out if you are interested in a trial.
Configuration
To set up the integration, you'll need to get your Ory Network session token:
- Install the Ory CLI on your system.
- Run
ory authto sign into your Ory Network account. - Locate the session token in the
.ory-cloud.jsonfile in your home folder. This token starts with the prefixory_st. You can usecat ~/.ory-cloud.json | grep 'ory_st'to find it.
You'll also need your Ory Project ID. You can find this in your Ory Network settings.
Next, you'll configure the session token and Project ID in BoxyHQ.
Follow these steps:
- Log into your BoxyHQ account.
- Create a new Product if you haven't already.
- Navigate to Settings > Ory Integration.
- Paste your session token and Project ID into the respective input fields and save the configuration.
Once configured, the integration between BoxyHQ and Ory Network will automatically set up a new Organization and a generic OIDC connection whenever you create a new SSO connection on BoxyHQ. All user management will then flow through Ory Network.
To verify the integration, navigate to your Ory Account Experience UI and enter an email associated with the domain you configured. If successful, the "Sign in with SSO" button should appear.
If you encounter any issues or need help with the integration, please open a support ticket or reach out to support@ory.sh.