Enterprise Single Sign-On (SSO)
Last updated
Last updated
Enterprise Single Sign-On (SSO) creates a secure bridge between DinMo and your organisation's infrastructure, allowing authentication data to be sourced directly from your identity provider (IdP). This replaces traditional email/password-based authentication providing seamless and centralised access management.
With Enterprise SSO, you can efficiently manage large teams using third-party IdPs like Google Workspace . DinMo continuously expands its list of supported IdPs. If your preferred IdP is not currently available, feel free to contact us for assistance.
DinMo's SSO implementation is based on the widely adopted SAML 2.0 protocol, ensuring secure and standardised integration with your authentication system.
The DinMo SSO is activated at the DinMo organisation level and available for all related workspaces.
You need Admin access to your Google Workspace and DinMo organisation to be able to use the Google Workspace SSO.
Step 1: Create a custom SAML application for DinMo
Sign in to your Google Admin account as an admin
Go to Apps/Web and mobile apps.
In the upper panel, select Add App
Name your App DinMo and click Continue to access the Google IdP page
Step 2: Collect the SAML app details
Make note of SSO URL and the Entity ID. You will need them to configure the SSO for your DinMo organisation.
Download the Certificate
Click Continue to proceed to the app configuration.
Step 3: Configure Google SAML SOO in DinMo
Sign in to your DinMo workspace as an organization admin
Go to your organization management space
Click on your workspace name in the top left navigation menu.
Select Manage Workspaces.
Go to the Organization Settings tab.
Click on Configure Google SAML SSO button
Fill in the Authentification Settings:
SSO Portal Key: Choose a unique key to identify your SSO organization (e.g., <company-name>_SSO).
Sign on URL: Enter the SSO URL collected in Step 2.
Application Identifier (Entity ID): Enter the Entity ID collected in Step 2.
Click Save
Collect the generated values:
DinMo’s Entity ID
DinMo’s Callback URL
Your Portal URL: The URL used to connect to your DinMo workspace through SSO.
Step 4: Complete the SAML App Configuration in Google Workspace
In the ACS URL field, enter DinMo’s Callback URL collected in the previous step.
In the Entity ID field, enter DinMo’s Entity ID collected earlier.
Click Save.
For additional security, you can restrict access to your DinMo workspace to authorized users only in your IdP. To enable this, toggle the Enable SAML-only authentication option.
🎉 Congratulations! You have successfully enabled SSO for all your DinMo account workspaces.
Does DinMo support Just-In-Time (JIT) provisioning?
Currently, DinMo doesn’t offer JIT user provisioning. If an SSO user doesn’t have an existing DinMo account, their account won’t be created automatically.
To add users:
Log in to your DinMo workspace.
Invite the user to join your workspace.
Assign the appropriate roles and permissions by navigating to Settings > Members and managing roles on the Users & Permissions page.
Choose Add custom SAML app from the suggested options
