Integrate SAML with your Conga Collaborate account.
Begin Integration
To connect SAML to your Collaborate account, take the following steps:
- From your Account Settings view, click Integrations.
- Choose SAML from the Integrations menu.
- Click the checkbox next to Enable SAML.
- Fill out the fields:
- The provider **Name** (Salesforce, for example)
- A URL of the **Identity Provider**
- The digital **certificate** or metadata XML file from the platform you are linking
- Click Save Changes
SAML Features
Using this integration through Collaborate and Salesforce (for example) makes Salesforce the Identity Provider (IdP). After you enable this integration, you see a separate link asking you to sign on using Salesforce. Entering your credentials confirms you as the user and redirects you to Collaborate After sign-in, you’re authenticated by SAML and have reached out to all service providers involved. Using SAML can also auto-provision users in Collaborate, meaning that all accounts are managed via the identity provider. Use the auto-provision toggle to set this feature. Because your email address is your user identification, you need to make sure you’re using the same one in all the systems you connect. You can use any SAML 2.0 identity provider, including Salesforce, Microsoft ADFS, Okta, and Onelogin.
Set up your SAML integration on the Salesforce end by configuring a domain name, enabling the identity provider, and creating a connected app. The following sections walk you through each step.
Configure a Domain Name
Start the process by logging in to Salesforce. From your home page, follow these steps:
- Click Security Controls under Administer.
- Click Identity Provider in the drop-down menu.
- Click Configure a Domain Name.
- From Domain Management, choose My Domain.
- Enter the sub-domain name you want.
- Click Check Availability.
- Check Terms and Conditions.
- Click Register Domain.
Salesforce will register the DNS change and send an email confirmation. You can then log in to and test your custom domain. If everything’s shipshape, Deploy to Users to make it official.
Enable Identity Provider
After you have a custom domain, use these steps to enable the Identity Provider:
- Click Enable Identity Provider.
- This generates a self-signed x.509 certificate to be used for SAML authentication.
- Click Download Certificate.
- The certificate is used when configuring Conga Collaborate for Single Sign-On.
Create Connected App
Follow these steps to create your connected app:
- From Connected Apps, click Create Apps.
- Click Apps.
- Click New.
- Create a New Connected App for Conga Collaborate (the service provider).
- Fill out the following fields:
- Click Manage.
- Right-click and copy the link for the IdP Initiated login URL.
- Click Edit the Connect App.
- Paste the IdP Initiated login URL into the Start URL under Basic Information.
- Click Save.
- Click Manage Profiles.
- Add the user profiles who can access this App.
The connected App Conga Collaborate should now be visible in the drop-down box and should automatically log you into your Conga Collaborate account.
Finish the Integration
After you’re in Conga Collaborate, follow these steps to finish this integration:
- Go to your Account Settings.
- Click Integrations.
- Click the SAML box.
- Copy the configuration settings provided by Salesforce.com into the SAML Configuration form.
- The IDP Start URL is the IdP-Initiated Login URL from Salesforce.
- The IDP SSO Target URL is the SP-Initiated POST Endpoint from Salesforce.
- The IDP Certificate Fingerprint comes from the self-signed certificate from Security -> Identity Provider.
For more integration information, see SSO Integration Overview.