SAML SSO is only available to Enterprise Customers

Set up

  1. Visit Account Settings and press Edit
  2. Add an Alias, which is used for easily identifying your account.
  3. Turn on SAML SSO
  4. Press Save
  5. Edit account settings again, and you will see the SAML Settings box.
  6. Add the Runn SSO Callback URL to your application
  7. Fill in the SAML Issuer (also called Identifier, Entity ID or Name)
  8. Fill in the SSO Target URL (also called Login URL, Target, or SSO URL)
  9. Add in the IDP Certificate (also called Signing Certificate or Security Certificate)
    This should be base64 encoded and start with
    -----BEGIN CERTIFICATE-----
  10. Email claim defaults to the recommend value. If the email is passed in a different field, update this to the correct field
  11. Name claim defaults to the recommended value. If the email is passed in a different field, update this to the correct field.
  12. Press Save on the SAML Settings box

Testing

  1. Ensure you are logging in with an email that matches a user account in Runn, or has been invited to Runn.
  2. Sign out
  3. Click the "Sign in with SSO" link on the bottom right
  4. Write the account alias that you entered in the setup, or the account id
  5. You will be redirected to your SAML login page
  6. If successful, you will be redirected back to Runn either logged in, or to set up an account in the case of an invite
  7. If you receive an error, ensure the SAML settings are correct and the user logging has an account or invite into Runn.
  8. If you still have issues, contact Runn via the chat button for help resolving the issue.

Additional Settings

Auto logout

This will auto log users out after 15 minutes of inactivity, for additional security measures.

SSO Login Only

This will invalidate logging in with email and passwords, as well as creating accounts with email and password. Ensure you have tested your SAML SSO before turning this on, or you will no longer have access to your account.

FAQ

Can I use a URL to automatically redirect me to the SAML login page?

When you set up your alias, you will be able to log in automatically by going to https://app.runn.io/sso/<alias>.

We can also provide a subdomain such as https://myapp.runn.io for an additional monthly cost.

Can I log users out of Runn via Single Logout

Single logout is not currently supported by Runn. We suggest you use automatic logout instead. If you require Single Logout please let us know via the in-app chat.

Did this answer your question?