Skip to main content

SSO (SAML) support in Clayton

Which providers does Clayton work with? How is it configured?

David Martin avatar
Written by David Martin
Updated yesterday

How to Set Up SSO

Setting up SSO involves a few straightforward steps, ensuring a smooth and secure connection between your identity provider and Clayton.

Initiate Setup & Verify Your Email Domain

Before SSO can be enabled, you'll need to verify your domain to confirm ownership. This is a crucial security step and with out you will not be able to enable SSO.

To verify your domain:

  1. Click your workspace icon in Clayton.

  2. Go to General > Domain.

  3. Select New Domain.

  4. Enter the domain you wish to verify.

  5. You will now be provided a verification code

  6. Navigate to the DNS record section of your domain host.

  7. Create a TXT record using the verification code provided by Clayton as the value.

  8. Once the TXT record is created, return to Clayton and click Verify.
    ​

Please note: DNS record updates can take up to 48 hours to propagate. You can check if your DNS record is publicly accessible using a tool like dnschecker.org.


Configure Your Identity Provider & Share Parameters

Once your DNS record has successfully updated, contact the Clayton team via the in-app chat (bottom right of your screen).

We will then create and provide you with the Service Provider (SP) parameters you'll need to configure within your chosen Identity Provider (Okta, Azure AD, OneLogin):

Parameter

Value

Relying Party (or ServiceProvider) Single Sign-On URL

(Provided by Clayton)

Relying Party (or ServiceProvider) Single Log-Out URL

(Provided by Clayton)

Relying Party (or ServiceProvider) Metadata URL

(Provided by Clayton)

Once you've configured these settings in your Identity Provider, please gather the following information from it and share it with the Clayton team:

Parameter

Value

Asserting Party (or IdentityProvider) Issuer

(From your Identity Provider)

Asserting Party (or IdentityProvider) Single Sign-On URL

(From your Identity Provider)

Asserting Party (or IdentityProvider) Metadata URL

(From your Identity Provider)

[Optional] After LogOut Redirect URL

(From your Identity Provider)

Activation

After you have provided this information to the Clayton team, we complete some final check and then activate your SSO integration. We'll then notify you once it's live and ready for your team to use!

Did this answer your question?