Login
    Contents x
    Set up SAML SSO authentication (generic)
    • 1 minute read
    • Contributors
    Contents

    Set up SAML SSO authentication (generic)

    • 1 minute read
    • Contributors
    Article summary

    We support you in whatever SAML SSO provider you want to use for your people to log in to Gong.

    This article describes the information you need to set up SAML SSO in Gong for non-specific providers. We have specific instructions for Okta, OneLogin, and Rippling. For any other providers, read on. This article includes information you may need to give your provider. Have questions? Check out the Authentication FAQs.

    Prerequisites

    We ask for the following information:

    • Identity Provider Metadata URL or Identity Provider Metadata XML file

      The URL must be a public URL, meaning that it's publicly accessible, and it should generate a valid SAML Metadata response.

      The XML response or the Metadata XML file must include two SSO bindings with a valid URL:

      • HTTP-POST

      • HTTP-REDIRECT

      An example of the SAML response Gong receives:

       image__5_.png

    • The URL you want to redirect people to after they log out of Gong

    • In your provider, set the SAML name identifier property to emailAddress

    • In your provider, make sure that Signed Authentication Request is turned off

    Your provider may need

    Your provider may ask you for some or all of the following:

    • Gong's entity ID: https://app.gong.io (use this value as written here and not the customer application domain)

    • Gong's ACS URL: https://app.gong.io/welcome/okta/saml/login

    • X509 certificate: Gong does not provide this certificate. Your provider should be able to provide one, if needed.

    Microsoft Azure SAML SSO setup

    To set up authentication via Microsoft Azure:

    1. Log into Microsoft Azure with admin credentials and select Enterprise applications.

    2. Click +New application > Create your own application.

    3. Give the application a name such as Gong SSO, keep the default settings and click Create.

    4. In the application, select Set up single sign on.

    5. Select SAML.

    6. Edit the Basic SAML Configurations and enter the following values:

      1. Identifier (Entity ID): https://app.gong.io

      2. Reply URL (Assertion Consumer Service URL): https://app.gong.io/welcome/okta/saml/login

    7. Click Save.

    8. Edit the Attributes & Claims section as follows:

      1. Name identifier format: Email address

      2. Source: set to Attribute

      3. Source attribute: user.mail

      4. Delete any Additional claims

    9. In the Users and Groups section, add the users or groups you want to have SSO login to Gong.

    10. In the Single sign-on section, copy the App Federation Metadata URL.

    Once you have set up Microsoft Azure for SSO authentication in Gong:

    1. In Gong, go to Company settings > Company > Authentication.

    2. In the Identity provider metadata URL, enter the App Federation Metadata URL you copied from Microsoft Azure.

    3. In After logout, redirect to, enter https://myapps.microsoft.com or a URL that displayes the applications the user has access to.

    4. Click Update. Logout and login via Azure to test the SSO authentication.

    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Eddy, a genAI helper, will scrub our help center to give you an answer that summarizes our content. Ask a question in plain language and let me do the rest.