SSO setup

Last updated: December 8, 2025

Solidroad supports JIT SAML-based Single Sign-On (SSO) with identity providers such as Okta, Azure AD, and others. We also support EASIE for Google and Microsoft and OIDC. This guide outlines the process for enabling SSO for your organization.

Overview

SSO is support-led currently which requires you to reach out to your Account Manager or support@solidroad.com

When an enterprise SSO connection is created for your organization, Solidroad automatically generates the SAML configuration values (ACS URL, Entity ID, and Metadata URL). These values are unique to your connection and must be entered into your identity provider.

Note: Solidroad does not offer a one-click application in the Okta Integration Network or other IdP app galleries currently. Configuration must be completed manually using the values we provide.

Once SSO is enabled, email-based signups and logins are blocked for your domain, and users must authenticate through your IdP.

Your SSO Configuration Values

Use the following Solidroad-generated values when creating a SAML application in your IdP:

Single Sign-On URL (ACS URL)

https://clerk.solidroad.com/v1/saml/acs/samlc_examplevalue

Audience URI (SP Entity ID)

https://clerk.solidroad.com/saml/samlc_examplevalue

Metadata URL

https://clerk.solidroad.com/v1/saml/metadata/samlc_examplevalue.xml

These values are required to configure the SAML application in Okta, Terraform, or any other SAML-compliant system.

Configuring your provider

Depending on your provider, you can use these guides for getting setup using SAML. You only need to follow Step 2 in these guides:

This step includes setting the ACS URL, Entity ID, and other core SAML parameters.

If you manage your configuration via Terraform, this process is similar, the values above map to the corresponding Terraform fields.

When to Enable the Connection

After your IdP configuration is complete, Solidroad must enable the SSO connection from our side. This will enforce sign in via SSO only and block all other sign in types.

Important:
If we enable SSO before your organization is ready, existing users will be locked out and forced to authenticate via SSO.

Need Help?

If you run into any issues or need guidance during setup, contact support and we’ll be happy to assist.