Arcwise Documentation
English
English
  • 👋Welcome to Arcwise!
  • 📘Arcwise setup
    • 🔐 SAML Single Sign-On (SSO)
    • ⚙ïļUser & Role Management
    • 🌐Add to Google Workspace
    • 🔌Connect Data Warehouse
      • ðŸ“ŦArcwise Fixed IP Address
      • ❄ïļSnowflake
      • 🔍BigQuery
      • 🐘Postgres
      • ðŸ§ąDatabricks
      • ðŸŠķAthena
      • ðŸŠĢS3
    • ðŸ’ŧConnecting data tools
      • 🎆Connect to dbt
      • 🔎Connect to Looker
      • 🧊Connect to Cube
    • 📜Audit logging
    • ☁ïļIntegrations
      • Overview
      • Hubspot
      • Salesforce
    • ❔FAQ
  • 🔐Google Login Errors
  • 📜Product Changelog
  • Connecting data
    • âœĻConnecting Data
    • ðŸ’ŋData Warehouse
    • ⮆ïļUploading CSV Files
    • ðŸ”ĻImporting Data from Other Tools
    • ðŸĪ–Selecting Spreadsheet Data for AI Analysis
  • Using Arcwise in sheets
    • â–ķïļArcwise Connected Data
      • Adding Columns
      • Filtering
      • Sorting
    • 🗃ïļWorking With Large Data
    • 🧊Using Formulas in Sheets
    • 🟰Supported Formulas
    • 📊Pivot Tables
    • 📉Creating Manual Visualizations
  • Using Arcwise AI Analyst
    • ðŸĪ–AI Analyst Overview
    • ❇ïļUsing AI Analyst in Sheets
    • 📂Getting Data Using AI
    • 📈Creating a Visual
    • ðŸ’ĄGenerating an Insight
    • 📃Using AI Analyst on Spreadsheet Data
    • Embedding the AI Analyst Chat
  • Using Arcwise AI Formulas
    • ðŸĪ–GPT Formulas Overview
    • ✔ïļGPT Formula Basics
    • 📖GPT Formula Reference
Powered by GitBook
On this page
  • ⚠ïļ Important Note About Login Options
  • 1. Enable SAML in Your Admin Console
  • 2. Obtain our Service Provider (SP) Metadata
  • ✅ Finalize and Test
  • ðŸ‘Ĩ Optional: SCIM for User Provisioning
  1. Arcwise setup

🔐 SAML Single Sign-On (SSO)

PreviousArcwise setupNextUser & Role Management

Last updated 2 days ago

Our application supports SAML-based Single Sign-On (SSO) to help organizations centrally manage user authentication through their Identity Provider (IdP), such as Okta, Azure AD, or Google Workspace.

⚠ïļ Important Note About Login Options

By default, we use Google OAuth to authenticate users. However, once SAML is enabled, Google Sign-In will be disabled. All users in your organization will be required to log in using your configured SAML Identity Provider.

1. Enable SAML in Your Admin Console

In your admin settings:

  • Navigate to the Authentication section.

  • Enable the SAML Enabled toggle.

  • Fill the SAML Metadata of your Identity Provider.

  • Save the configuration.

📌 Your metadata XML typically starts with:

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="http://www.okta.com/..."

2. Obtain our Service Provider (SP) Metadata

You will need the service metadata to configure our service within your Identity Provider. To obtain it, on the same page, click on the Service Provider Metadata button. You should see a modal with the following information

  • Entity ID

  • ACS (Assertion Consumer Service) URL

  • NameID Format

Use this information to configure a new SAML application in your IdP.

✅ Finalize and Test

Once configured:

  • Test logging in via your Identity Provider. To do so, click on Sign in with SSO button.

    • Sign in with Google will not work anymore, unless you disable SAML.

    • SSO must be used on the Web version and on the Admin too.

  • Ensure user accounts match by email address (as per NameID format).

If you encounter any issues, feel free to reach out to our support team for assistance.

ðŸ‘Ĩ Optional: SCIM for User Provisioning

We also support SCIM (System for Cross-domain Identity Management) to allow automated provisioning and deprovisioning of users from your Identity Provider.

With SCIM, you can:

  • Automatically create users in our platform when they're assigned access in your IdP.

  • Automatically deactivate users when they're unassigned or removed in your IdP.

  • Sync user attributes like name, email, and groups.

To enable SCIM:

  1. For now we only support Bearer Token authentication that must be configured on the Admin.

  2. The base be obtained by cliking on the SCIM Endpoint button.

  3. Configure your Identity Provider (Okta, Azure AD, etc.) with the provided SCIM endpoint and token.

  4. Set up attribute mappings as needed.

📌 SCIM is optional but highly recommended for teams managing users at scale.

📘
SAML Metadata is required
The values here are an example from our sandbox environment
Buttons for login