Overview
3DPrinterOS supports Single Sign-On (SSO) through SAML 2.0, including (but not limited) integrations with Shibboleth, Google Workspace, Okta and Microsoft Entra ID (Azure AD).
SAML SSO securely transfers a user’s identity from an Identity Provider (IdP) to 3DPrinterOS, which acts as the Service Provider (SP). Authentication is handled through digitally signed XML exchanges.
Choosing Your SSO Method
Before setting up SSO, determine which option fits your organization’s environment.
Google or Microsoft: Best for K–12 and organizations that already manage users in Google Workspace or Microsoft Entra ID (Azure AD).
Shibboleth / Other SAML2 compatible IdPs: Best for universities and enterprise environments using a dedicated Identity Provider.
If your organization uses Google, follow this separate setup guide:
Google Workspace SSO Integration Guide
Roles
3DPrinterOS acts as the Service Provider (SP) and redirects users to their organization’s Identity Provider (IdP) for authentication.
Integration typically involves exchanging metadata XML files between the IdP and 3DPrinterOS.
3DPrinterOS supports SSO through any Identity Provider that implements the SAML 2.0 protocol, including Shibboleth, Okta, Azure Entra ID, and Google SSO.
Environments
Production (Cloud): https://cloud.3dprinteros.com
All SAML2 / Shibboleth integrations are typically tested and deployed directly in the production environment.
A separate test environment is available upon request but generally not required.
Step-by-Step Integration
1. Exchange Metadata between 3DPrinterOS (SP) and your IdP.
Here is the 3DPrinterOS SP metadata for the production environment:
SP details extracted from metadata:
Entity ID: https://cloud.3dprinteros.com/sp
2. IdP Setup
Import the 3DPrinterOS metadata into your IdP to establish SAML trust.
Microsoft Entra ID (Azure AD): check this guide for more details:
Microsoft SSO Integration Guide
After configuration, send your IdP metadata as an XML file or provide a link to your XML metadata to support@3dprinteros.com. If your IdP is registered in InCommon, you may simply provide your Entity ID.
3. 3DPrinterOS Setup
Once your IdP information is received, the 3DPrinterOS team will configure the SP endpoints and provide a link for verification.
4. Deployment
After successful configuration the SSO login option becomes available in 3DPrinterOS under https://cloud.3dprinteros.com → SSO tab.
SAML Attributes
Required attribute: Email
Optional attributes: First Name, Last Name
3DPrinterOS retrieves data using the following attribute mappings (only Email is required).
Email (required):
mail
urn:oid:0.9.2342.19200300.100.1.3
eduPersonPrincipalName
urn:oid:1.3.6.1.4.1.5923.1.1.1.6
First Name (optional):
givenName
urn:oid:2.5.4.42
Last Name (optional):
sn
urn:oid:2.5.4.4
If your IdP uses custom attributes, please provide the claim URIs or short names to ensure correct mapping.