Configure SSO

This topic describes the steps you need to do for getting started with SEI

Sign in using Single Sign-On (SSO)

  1. Access the SEI service through your preferred web browser.

    Based on the region of your application, the you will be redirected to either of below, kindly make sure that it is the relevant one.

  2. Enter your email address and click "Next."

  3. Enter your company name and click "Next."

If your organization has configured SSO for your account, you will be successfully signed in to SEI.

If SSO Is Not Enabled for Your Account:

  1. You will be prompted to enter your password.

  2. Enter your password and click "Next."

If your credentials are valid, you will be signed in to SEI.

First time setup or email not recognized?

If you're signing in for the first time or your email is not recognized:

  1. Click on "Are you signing in for the first time and want to use your organization's SSO?"

  2. Enter your company name and click "Next."

If your organization has enabled SSO for your email ID, you will be successfully signed in. For any issues, contact your SEI administrator for assistance.

Trouble signing in?

If you're having trouble signing in:

  1. Select "Try other methods to sign in.”

  2. Enter your credentials and click "Login."

If your credentials are valid, you will be signed in to SEI.

Note: If SSO is configured for your email ID, you can choose "Login with SSO" instead of entering your password.

If you've forgotten your password:

  1. Select "Try other methods to sign in."

  2. Click "Forgot Password" and check your email inbox for password reset instructions.

Still Having Trouble Signing In?

If you're still facing issues signing in, please contact SEI Customer Support by selecting the Feedback option in SEI.

Configuring SSO

SEI supports Single Sign-On (SSO) for all users and also offers basic auto-provisioning. To set up SSO for your application, follow these parameters:

  1. SP-Entity-id: `levelops.io`

  2. ACS-URL: (Provided by your IDP)

  3. Name-ID format: email address

  4. Response and Assertion should be signed.

  5. Attributes for proper auto-provisioning:

    • FirstName attribute needs to be the user’s first name

    • LastName attribute needs to be the user’s last name

  6. Set a default relay state for IDP-initiated login (the relay state is present on the SSO configuration page).

To access the SSO configuration page on SEI, navigate to Settings > SSO Settings or use the provided URL.

Once your Okta application is configured, gather the following information and add it to the SSO Settings on SEI:

  1. idp-entity-id or the SAML-Issuer-Id or the idp-issuer-id

  2. IDP’s SSO URL or the app-embed link

  3. IDP certificate

JIT Provisioning

With SSO enabled, SEI supports JIT (Just-In-Time) Provisioning. This means that users configured for access to SEI will be automatically provisioned into SEI Users on their first login. They will initially have LIMITED USER access, which can be manually updated to other roles post-provisioning.

PreviousKey conceptsNextEarly Access

Last updated