Using Single Sign On to create team member accounts

Last modified: March 13th, 2023

Working with a specific static site generator?
Customize CloudCannon's documentation to suit your SSG.

Great! We'll show you documentation relevant to .
You can change this any time using the dropdown in the navigation bar.

Enforce Single Sign On for your team members and increase security by using CloudCannon with SAML.

CloudCannon is set up as a Service Provider (SP) to allow Single Sign On (SSO) for your Organization. To use this feature, you need to be on our enterprise plan and already have your own Identity Provider (IdP).

Configuring SAML#

SAML can be a tricky thing to configure with only one end of debugging. If you would prefer manual assistance with setting up, please contact support.

To configure SAML with your IdP you will need the following details:

  • SAML 2.0 Endpoint (HTTP)
  • Issuer
  • X.509 Certificate

The issuer is configurable to allow multiple organizations from the same IdP. It must start with cloudcannon.com/. Leaving this blank will configure it as cloudcannon.com.

To add these details:

  1. Go to Organization Settings / SAML
  2. Fill in all of the fields available and submit the form
Screenshot of SAML interface

Once configured, you will get a screen defining any information you will need. If you require more information than displayed, please contact support.

Okta Setup#

Okta is a popular Identity Provider. To use Okta SAML with CloudCannon follow these instructions:

Create app#

Create a new SAML 2.0 application on Okta for CloudCannon.

Screenshot of Okta SAML setup interface

Configure Okta#

Go to CloudCannon and open Organization Settings / SAML. Copy your Issuer and Consume URL. If you do not have a SAML option in your menu contact support to get this enabled.

Screenshot of SAML update interface

Enter the Issuer and Consume URL information into Okta.

Screenshot of OKTA SAML update page

And confirm you’re using CloudCannon as an internal application.

Screenshot of Okta SAML confirm screen

CloudCannon Configure#

View the setup instructions for your newly created application on Okta.

Screenshot of Okta SAML configuration interface

Copy the Identity Provider Single Sign-On URL and X.509 Certificate.

Screenshot of Okta SAML Identity details

Enter the Identity Provider Single Sign-On URL and X.509 Certificate information into CloudCannon.

Screenshot of SAML interface with details updated
Open in a new tab