This is the doc for the new SAML connection
If you want to gain access to some new SSO features. Please contact your CSM
ReadMe partners with Auth0 for all SSO connections. Auth0 supports the following SAML 2.0 based SSO providers:
- Active Directory / LDAP
- G Suite
- IP Address Authentication
- Office 365
- OpenID Connect
- SAMLP Identity Provider
- Sharepoint Apps
- Microsoft Azure AD
Once users log in to ReadMe via the proper login URL
https://sso.readme.io/auth/login/YOUR_CONNECTION_NAME they will see all projects associated with the Enterprise account but will only get access to a project after they are added as a user under the members page by an existing Admin.
As of now, here is the flow for setting up an SSO connection with ReadMe
- Speak to the CSM to discuss necessary requirements. Usually, this consists of the ACS URL and the X509 Cert. Having these ready will definitely help with the process.
- On the call, we will discuss how you will use the connection.
- Sometimes, our customers will want to use the SSO connection to authenticate and authorize their customers (our end-user) to access the Hubs.
- In other scenarios, our customers will want to use the connection to authorize their own members to access the documentation.
- A ReadMe engineer will set up the connection in our service provider (Auth0) and the CSM will get back to you.
- You can test the connection and see that it is working.
By default, every member that signs in with SAML does not have access to the projects (either parent project or child project). The members that do, can log in, and request access for the project.
Thing to note
Just because they have access to SAML, does not mean they have access to a ReadMe project
There are two ways you can approve a member through our permission system:
- As an administrator, you can approve/reject requests for permission to access that project. So as members (internal/external) log into your authentication service, they can request access.
- After you have set up your SAML connection, you can add emails in the input form of the members dashboard. You can specify the usertype as "Read Only" or "Admin"
A user can also request access to a project and an Admin can accept or decline that request. In the members page, the admins can also specify whether a new user should be an Admin or Read Only.
Please reach out to your CSM to get started on an SSO connection