Enterprise

Single sign-on for your entire team

SAML 2.0 SSO with Okta, Azure AD, OneLogin, and any standards-compliant identity provider. Set up in minutes, not days.

Okta Azure AD OneLogin Google Workspace Any SAML 2.0

How SSO works with Xplorr

1

Admin configures IdP metadata URL

Paste your identity provider's SAML metadata URL into Xplorr. We auto-parse the SSO URL, certificate, and entity ID.

2

Xplorr returns SP metadata

Copy the Xplorr service provider metadata (ACS URL, entity ID, certificate) back into your IdP to complete the trust relationship.

3

User types email, SSO auto-detected

When a user enters their corporate email, Xplorr detects the domain is SSO-enabled and shows the "Continue with SSO" button.

4

Redirect, authenticate, land on dashboard

The user is redirected to your corporate IdP, authenticates with existing credentials, and lands on their Xplorr dashboard.

SSO that works the way you expect

  • Auto-provisioning — new users get an account on first SSO login
  • Configurable default role for auto-provisioned users
  • Email domain detection for automatic SSO routing
  • Mandatory SSO enforcement — disable password login org-wide
  • Password fallback for designated break-glass admins
  • Multiple SSO configurations per organization
xplorr -- sign in

Sign in to Xplorr

Email address

[email protected]
SSO is required for acmecorp.com
Continue with Okta
Redirecting to your corporate identity provider

Supported identity providers

Works with every major identity provider out of the box.

Okta

Full SAML 2.0 integration with auto-provisioning

Azure AD

Enterprise application with SCIM support

OneLogin

SAML connector with role mapping

Auth0

SAML connection with custom claims

Google Workspace

SAML app with domain-wide delegation

PingFederate

SP-initiated SSO with signed assertions

Any SAML 2.0 IdP

Generic SAML 2.0 metadata URL or manual configuration

How SSO is secured

  • SAML assertion signature validation on every login
  • Replay prevention with one-time assertion IDs and timestamps
  • Encrypted SAML assertions supported (AES-256)
  • All SSO events logged in the organization audit trail
  • Session tokens issued after SAML validation with short TTL
  • IdP-initiated and SP-initiated flows both supported

Set up SSO in 5 minutes

Paste your IdP metadata URL, copy the SP metadata back, and your team is signing in with corporate credentials.

Get started free