SAML and Okta single sign-on

Configure SAML authentication for your organization. Users will be able to sign in using their company identity provider.

Service provider information

These values identify DraftPilot to your identity provider. They are shown on the organization SAML settings page for your account; the production values are:

| Field        | EU instance                                  | US instance                                     |
|--------------|----------------------------------------------|-------------------------------------------------|
| Entity ID    | https://api.draftpilot.ai/saml               | https://api-us.draftpilot.ai/saml               |
| ACS URL      | https://api.draftpilot.ai/auth/saml/callback | https://api-us.draftpilot.ai/auth/saml/callback |
| Metadata URL | https://api.draftpilot.ai/auth/saml/metadata | https://api-us.draftpilot.ai/auth/saml/metadata |


Setting up SAML with Microsoft Entra ID (Azure AD)

Step 1: Create Enterprise Application

  1. Sign in to the Azure Portal

  2. Go to Microsoft Entra ID → Enterprise applications

  3. Click "New application" → "Create your own application"

  4. Name it "DraftPilot" and select "Integrate any other application you don't find in the gallery"

Step 2: Configure Single Sign-On

  1. In your new application, go to "Single sign-on" → Select "SAML"

  2. In "Basic SAML Configuration", click "Edit" and enter:

    • Identifier (Entity ID): your DraftPilot Entity ID (see Service provider information above)

    • Reply URL (ACS URL): your DraftPilot ACS URL (see Service provider information above)

Step 3: Configure User Attributes

  1. In "Attributes & Claims", ensure these mappings:

    • Unique user identifier: user.mail

    • Email: user.mail

    • Name: user.displayname

Step 4: Get Azure Configuration

  1. In the "SAML Certificates" section, find the App Federation Metadata Url

  2. Copy that URL (it starts with https://login.microsoftonline.com/)

  3. Paste it in the "Identity Provider Metadata URL" field on the left

  4. Click "Fetch Metadata" to auto-populate Entity ID, SSO URL, and Certificate

  5. Verify the fields are populated, then enable the SAML SSO toggle above

Step 5: Assign Users

  1. Go to "Users and groups" in your Azure application

  2. Click "Add user/group" to assign users or groups access


Setting up SAML with Okta

Step 1: Create SAML application

  1. Sign in to the Okta admin console

  2. Go to Applications → Applications

  3. Click "Create App Integration" → select "SAML 2.0" → Next

  4. Set App name to "DraftPilot" and click Next

Step 2: Configure SAML

  1. On the "Configure SAML" step, enter:

    • Single sign-on URL: your DraftPilot ACS URL (see Service provider information above)

    • Audience URI (SP Entity ID): your DraftPilot Entity ID (see Service provider information above)

  2. Set Name ID format to "EmailAddress" and Application username to "Email"

Step 3: Configure attribute statements

  1. Under "Attribute Statements (optional)", add these mappings:

    • Email: user.email

    • Name: user.firstName + " " + user.lastName

Step 4: Get Okta metadata URL

  1. On the "Feedback" step, choose "I'm an Okta customer adding an internal app" and click Finish

  2. Open the "Sign On" tab of the new application

  3. Find the "Metadata URL" link and copy its address

  4. Paste it in the "Identity Provider metadata URL" field on the left

  5. Click "Fetch" to auto-populate Entity ID, SSO URL, and Certificate

  6. Verify the fields are populated, then enable the SAML SSO toggle above

Step 5: Assign users

  1. Open the "Assignments" tab in your Okta application

  2. Click "Assign" → "Assign to People" or "Assign to Groups" to grant access


Need help? Contact support at support@draftpilot.ai