Skip to content

SAML Configuration

SmartOSH allows user authentication via the SAML protocol. This guide is aimed at authentication environment administrators and details how to enable the link with a SAML identity provider.

The SmartOSH environment must be configured with a custom URL before starting the integration. If there are PRE and PRO environments, the process must be carried out independently in each of them.

EnvironmentURL Example
PRO (production)https://cliente.smartosh.com
PRE (pre-production)https://cliente.pre.smartosh.com

The order of these steps is not important; they can be performed in whichever order is most convenient for the client or consultant.

Obtain and send the metadata URL to the client

Section titled “Obtain and send the metadata URL to the client”
  1. Access Settings of the SmartOSH environment.
  2. Go to the SSO section.
  3. Copy the SAML metadata URL shown in that section.
  4. Send that URL to the client so they can download the SmartOSH metadata XML file.

The client will provide their SAML configuration obtained from their own identity provider.

  1. Go to SettingsOperationsImport SAML Metadata.
  2. Upload the XML file provided by the client.

Once these steps are completed, the environment will be ready to authenticate via SAML.

Step 1 — Create the Enterprise application

  1. In Azure Portal, go to Azure Entra IDEnterprise Applications.
  2. Click New applicationCreate your own application.
  3. Name: SmartOSH.
  4. Select Integrate any other application you don’t find in the gallery (Non-gallery).
  5. Click Create.

Step 2 — Configure SAML

  1. In the created application, go to ManageSingle sign-on.
  2. Select SAML.
  3. In the Basic SAML Configuration section, click Upload metadata file.
  4. Upload the SmartOSH metadata XML file.
  5. Azure will automatically complete:
    • Identifier (Entity ID): https://smartosh.com/samlsp
    • Reply URL (Assertion Consumer Service URL)
  6. Click Save.

Step 3 — Obtain Azure metadata

  1. In SAML Certificates, download the Federation Metadata XML.
  2. Send this file to SmartOSH to complete the configuration (see Upload the client metadata).

Step 4 — Assign users

According to the client’s internal procedures, assign the corresponding users or groups to the newly created application.


Step 1 — Access applications

  1. Log in to the Okta admin panel.
  2. In the side menu, go to ApplicationsApplications.

Step 2 — Create the integration

  1. Click Create App Integration.
  2. Select SAML 2.0Next.

Step 3 — General configuration

  1. App name: SmartOSH
  2. Next.

Step 4 — Basic configuration

ParameterPRO EnvironmentPRE Environment
Single sign-on URLhttps://CLIENTE.smartosh.com/SAMLConsumeService.aspxhttps://CLIENTE.pre.smartosh.com/SAMLConsumeService.aspx
Audience URI (SP Entity ID)https://smartosh.com/samlsphttps://smartosh.com/samlsp
Application usernameEmail (or as agreed with SmartOSH)Email (or as agreed with SmartOSH)

Check the option Use this for Recipient URL and Destination URL. The rest of the parameters can be left at their default values or adjusted according to the client’s criteria.

Step 5 — Advanced configuration (Click “Show Advanced Settings”)

In Other Requestable SSO URLs, add the following entries:

PRO Environment:

URLIndex
https://CLIENTE.backend.my.smartosh.com/Account/SAMLCallbackNG2
https://CLIENTE.backend.my.smartosh.com/Account/SAMLCallbackIonic3

PRE Environment:

URLIndex
https://CLIENTE.backend.pre-my.smartosh.com/Account/SAMLCallbackNG2
https://CLIENTE.backend.pre-my.smartosh.com/Account/SAMLCallbackIonic3

The rest of the parameters can be left at their default values or adjusted according to the client’s criteria.


Source: KB041 – SAML Configuration, version 1.0.00, 24/11/2025.