Air provides Single Sign-On (SSO) functionality for enterprise customers to access the app through a single authentication source. This allows IT administrators to better manage team access and keeps information more secure.

SAML (Security Assertion Markup Language) is a standard that permits identity managers to safely pass authorization credentials to service providers like Air. In a SAML SSO set up, the Identity Provider (Azure, Okta, etc) manages the organization's user accounts and credentials. The Service Provider (Air) is the app or website that provides services to the user or organization.

When using SAML SSO, Air won't store passwords for any accounts managed by Single Sign On. Members log in to the organization via their identity provider.

As an admin workspace member, you're able to get your team started with SAML SSO. The functions here allow you to customize your team's Air workspace for added security.

There are required and optional settings that allow for the setup of SAML SSO functions on Air. Authenticating your workspace with the provided custom ID/details will ensure your team can access Air seamlessly.

This is a required field for establishing your SAML connection. The URL provided by your Identity Provider (IdP) is placed here to properly connect your Air workspace.

Once you're set up with your idP, use this setting to enable SAML SSO for your current and future workspace members. This will provide the option to log in with SAML for your workspace members.

Choosing this feature after setting up and enabling SAML SSO for your workspace, workspace members with an approved email domain can only use SAML SSO to log in. Using this stops users from being able to log in to Air through Google SSO, Apple SSO or Air's login page.

Now that you're up to speed on Air's SAML SSO settings, you can configure SAML SSO between Air and your Identity Provider.

For full setup instructions, check out our SAML SSO Configuration Guide.
​

Still have more questions? Send us a message.