Set up SAML SSO authentication (generic)
  • 1 minute read
  • Contributors
  • Dark
    Light

Set up SAML SSO authentication (generic)

  • Dark
    Light

Article summary

This article provides guidance on setting up SAML SSO in Gong for various providers. It outlines the required information, such as Identity Provider Metadata URL, SSO bindings, and SAML response details. Specific instructions are given for Microsoft Azure setup, including steps for authentication configuration and user/group management. The process involves entering metadata URLs, configuring attributes, and testing the SSO authentication. Additional details may be requested by the SSO provider, such as Gong's entity ID and ACS URL. The article emphasizes the importance of following the specified settings and ensuring proper configurations for successful SAML SSO integration with Gong.

We support you in whatever SAML SSO provider you want to use for your people to log in to Gong.

This article describes the information you need to set up SAML SSO in Gong for non-specific providers. We have specific instructions for Okta, OneLogin, and Rippling. For any other providers, read on. This article includes information you may need to give your provider. Have questions? Check out the Authentication FAQs.

Prerequisites

We ask for the following information:

  • Identity Provider Metadata URL or Identity Provider Metadata XML file

    The URL must be a public URL, meaning that it's publicly accessible, and it should generate a valid SAML Metadata response.

    The XML response or the Metadata XML file must include two SSO bindings with a valid URL:

    • HTTP-POST

    • HTTP-REDIRECT

    An example of the SAML response Gong receives:

     image__5_.png

  • The URL you want to redirect people to after they log out of Gong

  • In your provider, set the SAML name identifier property to emailAddress

  • In your provider, make sure that Signed Authentication Request is turned off

Your provider may need

Your provider may ask you for some or all of the following:

  • Gong's entity ID: https://app.gong.io (use this value as written here and not the customer application domain)

  • Gong's ACS URL: https://app.gong.io/welcome/okta/saml/login

  • X509 certificate: Gong does not provide this certificate. Your provider should be able to provide one, if needed.

Microsoft Azure SAML SSO setup

To set up authentication via Microsoft Azure:

  1. Log into Microsoft Azure with admin credentials and select Enterprise applications.

  2. Click +New application > Create your own application.

  3. Give the application a name such as Gong SSO, keep the default settings and click Create.

  4. In the application, select Set up single sign on.

  5. Select SAML.

  6. Edit the Basic SAML Configurations and enter the following values:

    1. Identifier (Entity ID): https://app.gong.io

    2. Reply URL (Assertion Consumer Service URL): https://app.gong.io/welcome/okta/saml/login

  7. Click Save.

  8. Edit the Attributes & Claims section as follows:

    1. Name identifier format: Email address

    2. Source: set to Attribute

    3. Source attribute: user.mail

    4. Delete any Additional claims

  9. In the Users and Groups section, add the users or groups you want to have SSO login to Gong.

  10. In the Single sign-on section, copy the App Federation Metadata URL.

Once you have set up Microsoft Azure for SSO authentication in Gong:

  1. In Gong, go to Company settings > Company > Authentication.

  2. In the Identity provider metadata URL, enter the App Federation Metadata URL you copied from Microsoft Azure.

  3. In After logout, redirect to, enter https://myapps.microsoft.com or a URL that displayes the applications the user has access to.

  4. Click Update. Logout and login via Azure to test the SSO authentication.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Bruno AI, a genAI helper, will scrub our help center to give you an answer that summarizes our content. Ask a question in plain language and let me do the rest.