The Lang.ai team will provide you the following values during the setup:
Single Sign on URL
In order to complete the configuration, you will need to provide Lang.ai the following information:
Identity Provider Single Sing-On URL
In the Admin Console, go to Applications > Applications
Click Create App Integration. Select SAML 2.0 as the Sign-on method
Configure general settings by adding the app name “Lang.ai”
Configure SAML settings
I'm an Okta customer adding an internal app
Sign ontab, click in the SAML 2.0
View Setup Instructionsbutton. You will see something like the following:
9. Copy the Identity Provider Single Sign-On URL and download the certificate. Share both the URL and the certificate with the Lang.ai team to complete the configuration.
Once the connection is configured, your platform success representative will contact you to configure the first admin user for your team. By default, all SSO users are created with the "member" role.
Testing your connection
Once you configured the connection successfully, follow these steps to test the connection:
Write your email in the log in screen
You will be redirected to log in to the Okta User Dashboard
The browser will be redirected back to the application and be automatically logged in. If it it's the first time the user logs in, then the user it will be created in Lang.ai with the "member" role.
Here is a list of the frequently asked question regarding our SSO integration:
My organization uses an identity service provider (IdP) that's not in the list above. Will it be supported?
If your IDP provides a SAML metadata URL for dynamic configuration, you can follow the same setup steps as above. Please contact support for SAML configuration assistance for other IDPs.
Does Lang support IdP-initiatied flows?
IdP-initiated flows carry a security risk and are therefore are disabled by default. This may be enabled upon request. Make sure you understand the risks before enabling IdP-initiated SSO.
How does Lang SAML SSO handle user provisioning?
Lang supports Just-in-Time (JIT) provisioning — the user is created the first time it completes the first login into Lang. The default role for these users is the "member" role. We don't currently support user provisioning with SCIM.
Does Lang SAML SSO support Single Logout?
Not at this time. If Single Logout is important to you, please contact our support team to let us know. Take into account that users are logged out after 30 minutes of inactivity. We also have an absolute logout for users every 12 hours.
What version of SAML does Lang support?
We currently support SAML v2.0.