Cloudwords Enterprise Edition now supports SAML v2 as an alternative to standard e-mail address/password authentication. SAML is an industry standard which enables many SSO (single sign-on) solutions. Single Sign-on provides secure identity management at the enterprise level, with password controls and multi-factor authentication unified across all of the applications your enterprise uses.
SAML Onboarding Overview
1) Configure your SAML Identity Provider by importing the Cloudwords SAML metadata from https://app.cloudwords.com/saml/metadata (for sandbox accounts, please use https://app-sandbox.cloudwords.com/saml/metadata)
2) Determine which users on your Cloudwords account cannot use SAML (if any).
3) Retrieve the SAML metadata for your identity provider, this metadata must be provided to Cloudwords to activate SAML.
Note: In order to use SAML with Cloudwords, your Identity Provider must be configured to use e-mail addresses as a NameID format (urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress). The e-mail address provided must match the user’s username on Cloudwords.
4) E-mail your SAML metadata (or its URL, if it is published over HTTPS) and the list of users which cannot use SAML to firstname.lastname@example.org.
5) You will be contacted once SAML has been enabled.
6) Once SAML has been enabled for your Cloudwords account, users which cannot use SAML will need to reset their password using the forgot password link at https://app.cloudwords.com
Logging in with SAML
Users with SAML-enabled can log in by clicking the “Sign in with a Linked Account” link at the bottom of the standard Cloudwords login page. They will then be prompted to enter their Cloudwords username. The e-mail address entered is used to determine with Identity Provider the user should use to login.