Single sign-on (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials

SSO works on a trust relationship between an application, known as the service provider, and an identity provider, like Okta, Azure, CyberArk, etc. This trusted relationship is often based on a certificate exchanged between the identity provider and the service provider. This certificate can be used to sign identity information sent from the identity provider to the service provider so that the service provider knows it is coming from a trusted source. In SSO, this identity data takes the form of tokens that contain identifying bits of information about the user, like a user’s email address or username.

SwagMagic is SAML 2.0 enabled and has partnered with various Identity Providers to provide seamless login to our customers. Currently, we support SSO login with Okta, Microsoft Azure, and CyberArk. We are in the process of integrating other identity providers as well.

The SwagMagic SAML integration currently supports the following features:

• SP-initiated SSO
• IdP-initiated SSO
• JIT (Just In Time) Provisioning
• SP-Initiated Single Logout

Enabling SSO on SwagMagicis a straightforward process.

1. Find our application in the Application catalog of Okta, Microsoft Azure, or CyberArk.
2. Install the application for your organization in your IDP account.
3. Share the following details on hi@snackmagic.com
   a. Single Sign-on URL
   b. Single Logout URL (optional)
   c. Certificate
4. Leave everything else to us to do.
5. Assign users who will use SwagMagic to the application.

Once SSO is enabled for your email domain, all the users using the same email domain will be redirected to your IDP.

For any further queries, please contact hi@snackmagic.com.