SSO using SAML

Integrate your SAML identity provider with Arcade

This is an early preview for our Enterprise plan customers
Overview
Single sign-on (SSO) allows your team members to sign in to Arcade using your own identity provider, e.g. with Auth0 or Okta.
Arcade currently supports SSO using SAML 2.0.
Configuring SAML for your Arcade team
Contact us at [email protected] with the your SAML metadata URL (or attach the SAML metadata XML file).
See below for guides to set up SAML specifically on Auth0 and Okta.
Alternatively, if you don't have a metadata URL, you can provide your:
SAML entity ID (also known as issuer)
SAML login URL
SAML certificate
Finally, on your identity provider side, you need to allow the following callback URL:
https://app.arcade.software/__/auth/handler
We'll give you a unique Arcade SSO URL that you can use to sign in.
Configuring SAML on Auth0
See also: Auth0: Manually configure SSO integrations.
⚠️ Note about the SAML 2.0 add-on
On Auth0, you also have the option to configure SAML using the SAML 2.0 add-on.
If you configure Arcade SSO using that add-on, make sure that the SAML NameID is set to the user email address, by configuring nameIdentifierProbes like this in the add-on settngs:
{
  "nameIdentifierProbes": [
    "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
  ]
}
Configuring SAML on Okta
See also: Okta: Create SAML app integrations.

Admin - Previous

General Security

GDPR Requirements

Last modified 1mo ago