Information for users
chatsPromptsProgram settings
Information for administrators
admin areaSSO with SAML 2.0
useful information
In generalAI models

Setting up automatic login with SAML

General information

The setup requires advanced knowledge of SAML 2.0, single sign-on and your identity provider.

Users who automatically receive a account via single sign-on are not automatically deleted or deactivated. These users can manually go to be deleted.

Login via SAML 2.0 can be requested via our contact form: Your request will be processed and approved as quickly as possible.

If you have received feedback about the activation, the connection can be set up.

Identity provider settings

Create a new app with Microsoft Entra ID Microsoft Entra ID. Nutzen Sie dafür den with the “New application” button and then “Create your own application”.

Then choose an app name and “Integrate any other application you don't find in the gallery.”

Set the single sign-on method to “SAML”.

In the configuration below, first ignore steps 1 and 2, download the certificate “Certificate (Base64)” from step 3 and copy the Microsoft Entra Identifier and the login & logout URLs from step 4. settings

Add the copied values to the settings in the administration interface one.

- IDP Entity ID — Microsoft Entry Identifier from step 4

- IDP login URL — login URL from step 4

- IDP logout URL — Logout URL from step 4

- IDP x509 certificate — Certificate (Base64) from step 3

You can then save the configuration in and open the generated metadata XML for the Entra ID configuration.

In step 1, enter the identifier (entity ID) the value entityID (URL, ends in “/metadata”) and the “reply URL” (URL, ends in “/acs”).

In step 2, set the “Unique User Identifier (Name ID)” to “user.mail [nameid-format:emailAddress]”.

You can test a successful configuration using the links in the administration area. The browser login URL opens, the app login URL opens the desktop app and the admin area login URL opens the administration area.