Manually managing dozens of users across tools and platforms is a hell of a job. This is when single sign-on (SSO) steps in by centralizing access management.

Single sign-on via Google and Microsoft accounts with the ability to enable and disable authentication methods is available to all customers.

In addition to that, our Company plan includes SAML SSO — making it possible to connect Fibery to Okta, Azure, OneLogin, or a custom identity provider (IDP).

Configuring Fibery

  1. Navigate to Workspace Settings in the top left menu.

  2. Enable SAML SSO authentication method.

  3. Paste the URL and the certificate provided by the IDP (ex. Okta).

  4. (optional) Enable just-in-time provisioning to create Users in Fibery automatically on sign-in instead of inviting them manually in advance.

Enable SAML SSO in the Workspace settings

Feel free to disable all the alternative authentication methods for extra security.

Signing in

Once you enable and configure SAML SSO, a new button appears on your Workspace login page:

SSO button on the login page

Once a user clicks this button, they are redirected to the IDP login before continuing to their Workspace.

The global login page doesn't know anything about the IDP of your particular Workspace, so please navigate directly to your.fibery.io to sign in with SSO.

Configuring Okta

Step 1. Create a new Okta app:

  1. Navigate to ApplicationsAdd Application.

  2. Click on Create New App.

  3. Pick Web as platform and SAML 2.0 as sign on method.

Step 2. Make it a Fibery app.

  1. Name the App Fibery or Fibery (Workspace Name) if your organization has multiple Workspaces.

  2. Upload the logo.

Step 3. Configure SAML basics.

  1. Put https://YOUR_WORKSPACE.fibery.io/login/sso/callback in both Single sign on URL and Audience URI.

  2. Leave Default RelayState blank.

  3. Pick EmailAddress as Name ID format

  4. Pick Emal as Application username

  5. Leave the last option as Create and update

Step 4. Configure optional SAML attributes to set Users' names (not just emails) via JIT provisioning.

  1. firstName (Basic) = user.firstName

  2. lastName (Basic) = user.lastName

  3. Go to the next step.

Step 5. Provide feedback (if you'd like to) and finish Okta app creation.

  1. Pick I'm an Okta customer adding an internal app.

  2. (optional) Provide feedback to Okta and finish the setup.

Step 6. Grab the URL and the certificate and paste into Fibery.

  1. View Setup Instructions for SAML 2.0.

  2. Copy first the URL (1) and then the certificate (3).

  3. Paste them into Fibery SAML SSO configuration.

Configuring another identity provider

If you use another IDP and their guide is of no help, please reach us via Intercom — we'll make it work together. Once we do, a new section will appear in this guide :)

Did this answer your question?