Skip to main content

Knowledge Base

Enable Single Sign-On (SSO) for Bynder

Single Sign-On (SSO) can be a big time saver for both users and administrators. With Single Sign-On users can log in to their Bynder portal with just one click. By implementing SSO, company employees won't need separate Bynder credentials to authenticate. When they're connected to your company network they can click the SSO login button on the login page of the portal to quickly log in.

SSO also allows you to create new user accounts automatically, which takes this manual task away from portal administrators. By setting up profile or group mapping you can ensure that a user account with the appropriate permission profile is created when a user logs in for the first time using SSO.

Discover the possibilities of SSO below and find out which standards and services we support.

Supported Standards and Services

Bynder supports the most common standards and services for SSO integration using Security Assertion Markup Language (SAML), for example, Active Directory Federation Services (ADFS), OKTA, Azure, Google, and Oracle.

ADFS

We encourage integrating with Active Directory using ADFS POST, Redirect SSO (with the SAML 2.0 standard). Read more about setting up ADFS for SSO here.

LDAP

If you use LDAP, you need to enable your ADFS infrastructure to authenticate users whose identities are stored in LDAP. For more information, see: Configure AD FS to authenticate users stored in LDAP directories

Azure

If you want to use Microsoft Azure, see the link for the required integration steps: Tutorial: Azure Active Directory integration with Bynder.

Google

Read more about logging in with Google Single Sign-On here.

Okta

Okta is a leading SSO provider that offers a reliable single sign-on service which integrates with all your web and mobile apps. Read more about setting up Okta for Bynder here or check the most frequenly asked questions about Okta below.

OpenID

Read more about OpenID here.

SSO FAQ

Does your application support SAML?

Yes, we support SAML.

What signing options are required by Bynder?

The SAML response must be signed.

What signing algorithm are supported by Bynder?

The RSA-SHA256 and RSA-SHA1 algorithms are supported, but Okta will default to the RSA-SHA256 algorithm since it's more secure.

Does Bynder support enabling force authentication?

We don't support configuring forceAuthn in the SAML request.

Does Bynder support SAML Single Logout (SLO)?

We don't support Single Logout (SLO).

What is the default relay state URL?

This value can be left empty.

Does Bynder have an OIN app in Okta?

Yes, we do.

Does your SSO setup support IdP/SP/both initiated login workflows?

Yes, we support both.

Does your SSO setup support provisioning (either through JIT or SCIM)?

We only support JIT.

Does your SSO setup support deprovisioning (through SCIM)?

No, we don't support this.

Is logging into SSO enforced or optional and can we force it if needed?

SSO login can be optional or enforced.

Are licenses automatically purchased if a new user is provisioned via Okta?

No, if you exceed your licenses you will be contacted by your Customer Success Manager to provision new seats or make other changes. 

Do you support custom attributes as either part of the SAML assertion, or part of SCIM?

Yes, we support SAML attributes. Read more about them here.

SSO Troubleshooting

Do you experience a technical issue with your SSO provider, such as ADFS, Okta or Azure? For any technical assistance we advise you to reach out to the technical support department of your SSO provider.

Bynder Support doesn't have access to your SSO provider and, therefore, can't further assist you with this type of enquiries.

Learn More