# SAML SSO

Couchdrop can be configured for SAML authentication via the web interface.

### Pre-Requisites 

Users must already exist in Couchdrop for SAML login and as Couchdrop supports login via SFTP and FTP, they must have a password set as well. SAML Login is only available through the web interface.  

### Configuration Steps

**Enable SAML SSO**

Login to Couchdrop as the owner. Navigate to **Administration** --> **SSO** --> **SAML SSO**

You will need to provide the following details to Couchdrop so that it can connect to your identity provider. 

<figure><img src="https://391958821-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FpokYqd27yrOUxIBhyvbF%2Fuploads%2FY9q34N0RQ084NERKDqPh%2FSAML-SSO.png?alt=media&#x26;token=b09e5912-2c12-4a63-ad90-6d8ddeb1f8e6" alt=""><figcaption></figcaption></figure>

### Azure SAML Setup

#### Required Fields&#x20;

<table><thead><tr><th>Field</th><th width="285">Example</th><th>Description</th></tr></thead><tbody><tr><td>SAML IDP Identity ID</td><td>https://sts.windows.net/6c4526c1-a311-479b-af9c-1e0ecc4122be/</td><td>(Microsoft Entra Identifier) See Step 4 of your Entra Single Sign-On App Settings.  </td></tr><tr><td>SAML IDP SSO URL</td><td>https://login.microsoftonline.com/6c4526c1-a311-479b-af9c-1e0ecc4122be/saml2</td><td>(Login URL)<br>See Step 4 of your Entra Single Sign-On App Settings. </td></tr><tr><td>SAML IDP Certificate</td><td>-----BEGIN CERTIFICATE----- MIIC8DCCAdigAwIBAgIQeTBhv/RYZrpAXGf+yF185DANBgkqhkiG9w0BAQsFADA0MTIwMAYDVQQD<br>.....<br>-----END CERTIFICATE----</td><td>Certificate (Base64)<br>See Step 3 of your Entra Single Sign-On App Settings. </td></tr><tr><td>SAML IDP Email Attribute Key</td><td>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</td><td>The example provided is the default for all Microsoft Single Sign-On Apps. </td></tr></tbody></table>

&#x20;<br>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.couchdrop.io/administration/sso-and-single-sign-on/saml-sso.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.