Single Sign-On (SSO) allows one organization controlled login for multiple external services. For example, you can use your work Google account to sign into CoderPad.
It reduces the risk of reused passwords across multiple services. By enabling SSO, you’re less likely to have interviewers forget credentials, therefore missing scheduled interviews and creating bad candidate experiences.
Who Can Set up SSO with CoderPad?
Any admin on your CoderPad account can configure SSO using your organization’s SAML settings, assuming your plan supports it.
If you have any questions about getting access to or setting up SSO we are happy to help you out. Contact us and we’ll help get things sorted.
SSO Setup Quick Reference
To quickly get started with SSO:
- As an admin, visit “CoderPad Single Sign-On Settings”
- Download our Service Provider Metadata, linked in the “Step 1” header
- Use Service Provider Metadata to generate IdP metadata
- Import IdP Metadata SAML XML
- Set custom login subdomain
- Set enforcement of SSO (optional)
SSO Step-by-Step Setup
To get to the SSO settings page, start going to your Team Settings. You can do this by selecting the dropdown with your name in the top right corner of the CoderPad dashboard
If you don’t see team settings in your dropdown menu, you do not have permissions to update your organization’s CoderPad settings. Please contact your account admin.
As an admin, you’ll be able to see all of your team’s settings. At the bottom of your team settings page, you’ll find a section called “Single Sign-On (SSO)”
Click on “Configure SSO settings” to open the single sign-on options page.
To fully configure SSO for your organization, there are three steps.
Provider Metadata Setup
First, in order to generate IdP metadata, you need our Service Provider Metadata – we provide it as an XML as a link in the first paragraph. You can either choose to click the link – which will open the `metadata.xml` file or right click and select “Save link as… “ to save the XML file to your local storage.
Then, import this file into your SSO provider where they ask for Service Provider metadata. This will generate an IdP metadata file that you then need to upload here.
Afterwards, you’ll start by providing identity provider metadata. You can either choose to manually input data or automatically import. We recommend automatic importing.
Upload your SAML XML metadata file using the upload button
Copy + paste the XML file’s entire contents into the form on this page
Likewise, manual entry is like it sounds. Simply input the values for:
- Issuer Entity ID
- Certificate SHA-1 Fingerprint
- Single Sign-On Target URL
- Single Logout Target URL (optional)
We strongly encourage you to utilize our automatic import functionality. These values are long strings that can be easy to confuse and make significant mistakes which may impact login functionality.
SSO Login Subdomain
Now that you’ve configured your IdP information, you’re able to customize your SSO login subdomain.
This will give you a dedicated sign in page specifically for your organization.
You should direct your users to use this subdomain for login: they’ll be greeted with a welcoming login screen specifically for SSO users to reduce confusion.
However, if one of your users accidentally attempts to login through other CoderPad pages – such as our homepage login button – we’ll redirect them to the correct location upon email input.
Mandatory SSO Enforcement
While we allow organizations to have both SSO and more traditional email/password user accounts, we recommend you enforce SSO login. The benefits of doing this are:
- Simplification of organization-wide authentication
- Reduced/simplified IT support requests
- Ability to add security precautions (such as 2FA)
To make SSO mandatory, simply select the “Enforce SSO” checkbox in the step 3 section.
We strongly encourage you to save this form, and test login with both new and existing user accounts before making SSO mandatory, or you may lock yourself out of your account.
Once you’re done updating your SSO settings, make sure to hit save to persist your changes.
When enabling SSO, we expect fields for email and name. If you have multiple fields for names (such as first name and last name), you should pass through first name only, or should compress them into a single name field.
CoderPad SSO uses SAML 2.0 for authentication, and we support integration with standard 3rd party SAML providers.
Likewise, while some services provide a certificate as SHA-256 fingerprints, you will need to convert them to a SHA-1 formatting fingerprint if you’re manually inputting IdP metadata into CoderPad.
To do this, copy the Certificate for conversion on a service (such as https://www.samltool.com/fingerprint.php) then copy the SHA-1 formatted fingerprint for entry within CoderPad.
Finally, we do not support automatic user de-provisioning. That said, after a user is deactivated internally in your SSO solution, any CoderPad account admin can deactivate their CoderPad account on the Organization Members page.
External Services Documentation
- OneLogin has a connector built specifically for CoderPad for easy integration
- MS Active Directory is not specifically supported by us but may be able to be configured
- Okta currently has two integrations listed for CoderPad. Please use the CoderPad SAML integration in OIN. We’re working with Okta to cleanup the integrations listings
Table of Contents