How to configure SAML SSO?

Single sign-on (SSO) allows users unified access to Notta using one set of credentials. This increases convenience, security, productivity and compliance by reducing passwords, enabling centralized authentication, speeding access across apps, and leveraging role-based controls.

In this article, you will learn how to take advantage of SSO on Notta.

Note: This feature is only available to users on Enterprise Plan.

 

Contents

 

How to set up SSO for your Notta workspace?

If you are a subscriber to Notta Enterprise, please feel free to contact our sales team for detailed guidance on how to set up SSO for your Notta workspace. Below are examples of the connection to Google Workspace and Azure AD via SAML.

Connection to Google Workspace via SAML

1. Log in to the Google Admin dashboard, select [Apps] from the left sidebar, and then select [Web and Mobile Apps] from the following list. Select [Add App] and then [Add custom SAML app].

2. Name the app "Notta", then click [Continue].

3. Click [Download Metadata] to download the metadata file, then click [Continue]. Send the downloaded metadata file to the Notta sales team.

4. The sales team will return you the "ACS URL" and "SP Entity ID", paste them into the corresponding fields in the Google SAML "Service provider details" modal, then click [Continue].

5. Click [Add mapping], Select user fields in Google Directory, then map them to service provider attributes.

6. After going through the above steps, you can confirm the connection at [Apps] > [Web and Mobile Apps] in the Google Admin dashboard.

 

Connection to Azure AD via SAML

1. Log in to the Azure Active Directory Admin dashboard, select [Enterprise Applications] from the list of Azure services.

2. Click [New Application] > [Create your own application], Name the app "Notta". Select [Integrate any other application you don’t find in the gallery (Non-gallery)], then click [Create].

3. Select [Single Sign-On] from the left sidebar, and then select [SAML].

4. Click the Edit icon in the upper-right corner of the first step "Basic SAML Configuration".

5. Input the "IdP URI (Entity ID)" and "ACS URL" provided by the sales team to the corresponding fields.

6. Copy the "App Federation Metadata URL" from the third step"SAML Signing Certificate" section, then send the URL to the sales team.

Note

  • Only the owner of the Notta workspace can configure SAML SSO.
  • Only one domain is supported for each workspace.
  • When SSO is enabled, all team members (including the owner and admins) will be logged out. Please log in to Notta again using SSO.
  • The services may be interrupted during the configuration of SSO. Please ensure that there are no ongoing tasks (transcription, editing, etc.) in the workspace when configuring.
  • When SSO is enabled, you will no longer be able to invite a user who is using an email address with an unverified domain.

How to log in to Notta with SSO?

Notta Web (PC)

1. Click [Log in with SSO] on the login page.

sso-web-01.png

2. Input your email address, then click [Continue].

sso-web-02.png

 

Notta App (iOS/Android device)

1. Click [SSO].

sso-app-01.PNG

2. Input your email address, then click [Continue].

sso-app-02.PNG

 

FAQs

Q1: If my identity provider(idP) terminates the provision of service, can I still log in to Notta?

Please contact our sales team and we will help you disable the SSO.

 

Q2: If I enable SSO, what will happen to those members who are using email addresses with unverified domains?

The workspace can only be accessed via SAML SSO by users with a verified email domain.

For those who have joined the workspace using personal email addresses, their accounts will be deactivated. The owner and admins can remove deactivated members from the workspace to free up occupied seats.

 

Q3: How to update my SSO configuration?

Please contact our sales team.

 

Q4: How to disable SSO?

Please contact our sales team.

 

Q5: I have enabled SSO and invited members, why can members still log in with email addresses and passwords?

Please confirm whether the status of the member's account is 'Active'. If it's not, ask the member to join the workspace through the invitation link delivered via email.

 

Q6: My organization has created multiple workspaces, will SSO be enabled for all workspaces after turning it on?

If the domains are the same, then only one workspace can have SSO enabled at this moment. If you need SSO for multiple workspaces, please contact our sales team.

 

Articles in this section

Was this article helpful?
0 out of 1 found this helpful
Share