SAML SSO is only available to Enterprise Customers. 

Please contact sales@runn.io to find out more.

Set up

  1. Log into Runn as an account administrator.

General Settings:

  1. Go to Settings -> Account Settings and press Edit

  2. Turn on SAML SSO

  3. Note: Keep Auto Logout and SSO Login Only disabled until after you have tested your SAML SSO set-up. See Additional Settings below.

  4. Press Save

  5. Edit Account Settings again.

  6. You'll see a new field Alias, below your Runn Account Name and Company Website.

  7. Add an Alias, which is used for easily identifying your account.

  8. Now scroll down the page and you will see the SAML Settings box.

SAML Settings:

  1. Add the Runn SSO Callback URL to your application.

  2. Fill in the SAML Issuer (also called Identifier, Entity ID, or Name)

  3. Fill in the SSO Target URL (also called Login URL, Target, or SSO URL)

  4. Add in the IDP Certificate (also called Signing Certificate, or Security Certificate)
    This should be base64 encoded and start with
    -----BEGIN CERTIFICATE-----

  5. Email claim defaults to the recommended value. If the email is passed in a different field, update this to the correct field.

  6. Name claim defaults to the recommended value. If the email is passed in a different field, update this to the correct field.

  7. Press Save on the SAML Settings box.

Additional Settings

Auto Logout

This will automatically log users out after 15 minutes of inactivity, for additional security.

SSO Login Only

This will invalidate logging-in with email addresses and passwords, as well as creating new accounts with email and password.

Ensure you have tested your SAML SSO before turning this on, or you will no longer have access to your account.

Testing

  1. For your testing, ensure you're using the email address of a user who has already an account with Runn or has been invited to join Runn.

  2. Sign out of Runn.

  3. Go to app.runn.io and click the Sign in with SSO link on the bottom right of the Runn sign-up page.

  4. Write the account alias that you entered in the SSO setup OR your Runn Account ID.

  5. You will be re-directed to your SAML login page.

  6. If successful, you will be redirected back to Runn either logged-in, or you will be prompted to set-up a new Runn account if you were using the email address of a user that has been invited to Runn.

  7. If you receive an error, ensure the SAML settings are correct and the user logging-in has an account with Runn or an invite to join your Runn account.

  8. If you still have issues, contact Runn via the chat button in the bottom right corner of your Runn account or email help@runn.io for help resolving the issue.

Additional Settings

Auto Logout

This will automatically log users out of your Runn account after 15 minutes of inactivity for additional security.

SSO Login Only

This will invalidate logging-in with an email address and password, as well as creating new accounts with an email address and password. Ensure you have tested your SAML SSO before turning this on, or you will no longer have access to your account.

FAQ

Can I use a URL to automatically redirect me to the SAML login page?

When you set up your alias, you will be able to log in automatically by going to https://app.runn.io/sso/<alias>.

We can also provide a subdomain such as https://myapp.runn.io for an additional monthly cost.

Can I log users out of Runn via Single Logout?

Single Logout is not currently supported by Runn. We suggest you use auto logout instead. See above. If you require Single Logout please let us know via the in-app chat in the bottom right corner of your Runn account or email help@runn.io

Where can I find my Runn Account ID?

You can find your Runn Account ID displayed under your Account Settings in Runn.

Did this answer your question?