Security Assertion Markup Language (SAML) is a standard of communication between Identity Providers (IDP) and Service Providers (SP) like Float!
Float allows companies to set up SAML to seamlessly onboard their employees to start spending on the platform.
Note: SAML is only available for Professional Plan Customers.
Enabling SAML-SSO
If your IDP is one of Okta, Google, or Microsoft Azure, please refer our specific resources to set up SAML-SSO.
Important: If you are using SAML-SSO with your Float account, please ensure you have MFA disabled for your users! This will ensure users aren't required to double-authenticate to log in. You can verify this is disabled by following these steps:
- Navigate to 'Security' in the Settings page within Float
- Click the 'MFA' tile
- Ensure the MFA requirement for all users to set up is toggled 'OFF'
Step 1
Navigate to the Settings Section within Float and Select Security Section within the Settings Page
Step 2
Ensure that you’ve selected SAML and not MFA (Multi-Factor Authentication) as it’s a different authentication feature.
Step 3
Add a domain you wish to be authenticated when logging in. For example:
Floats domain is floatcard.com so the domain we’re looking to authenticate is floatcard.com. The next time someone logs into Float using firstname@floatcard.com, the domain will go through Floats SAML authentication.
Step 4
Verify your domain through your domain host. You’ll need to add the record in the steps below to in order to successfully verify your domain
Step 5
Copy the SP configuration info you'll need to enter in your IDP. The IT team will know where the configuration info should go in your IDP.
Step 6
Based on your IDP, create (2) of the custom Float attributes required for your SAML integration to function. Note: Float does support other IDP providers outside of Google, Okta and Microsoft Azure
Step 7
Once your IT team has configured your IDP, please provide Float with the following info:
Save your configuration and Test the SAML Sign In.
Once SAML is successfully enabled, toggle to enable all employees under your domain to sign in via SAML-SSO moving forward. You'll also be able to onboard new employees via SAML-SSO.
Comments
0 comments
Please sign in to leave a comment.