Skip to main content
Setting Up SAML Authentication
Yuki Omori avatar
Written by Yuki Omori
Updated over 2 weeks ago

📝 Overview

With Yoom’s Enterprise plans, you can enable SAML-based SSO (Single Sign-On) for enhanced security and simplified login management.


🧐 What is SAML Authentication?

SSO (Single Sign-On) allows users to log in to multiple services with a single authentication.

One common method for implementing SSO is SAML authentication, which securely shares user authentication details across multiple services.

  • The system that manages and verifies authentication is called an IDP (Identity Provider).

  • Yoom is not an IDP but functions as an SP (Service Provider) that integrates with IdPs.

👏 Benefits of SAML Authentication

Simplified Login & Improved User Experience

  • No need to manage multiple IDs and passwords for different services.

Enhanced Security

  • Reduces risk associated with password storage and sharing.

  • Minimizes the risk of credentials being compromised.

🙊 Potential Risks & Considerations

Login Issues if IDP service is Down

  • If the IDP experiences downtime, users may be unable to log in.

Security Risk if Credentials Are Compromised

  • If an ID/password is leaked, unauthorized users could gain access to all connected services.

📌 To strengthen security, we recommend enabling:
Two-factor authentication (2FA)
Two-channel authentication


🛠️ How to Set Up SAML Authentication

1️⃣ Configure your IdP (Identity Provider)

For IDP setup details, please refer to your provider's documentation.

Configuration Item

Value

Entity ID

ACS URL

Element for User Identification

Set to the email address field in the IDP.

2️⃣ Configure SAML in Yoom

Follow these steps to complete the setup:

① Log in to Yoom and click the settings button at the bottom left.

② In the side menu, select “Security”.

③ Enter the required configuration details to enable SAML Configuration.

Field

Description

Identity Provider Identifier

Enter your IDP identifier.

Identity Provider SSO Endpoint URL

Enter the SSO endpoint URL of your IDP.

Public Key Certificate (for Signing)

Attach the public key certificate (must be .cer or .cert format).

Enable Just-In-Time Provisioning

Allows automatic account creation in Yoom when a user logs in for the first time.

Restrict Login to SAML Only

Prevents users from logging in via OAuth or two-factor authentication - only SAML is allowed.

Enable SAML Configuration

Be sure to enable this setting after completing the setup.


🔗 Reference

IdPs Already Integrated

✔️GMO Trust Login (SAML Setup Manual · SAML JIT Setup Manual)

Related Keywords

SAML, SAML Authentication, SSO, Single Sign-On, Security, IDP, Identity Provider

Did this answer your question?