Custom authentication with miniOrange
- Sign in to the miniOrange admin console.
- Click Apps in the left menu, then click Add Application.
- Click Create App under SAML/WS-FED.
- Select Zoho from the apps displayed. You will land in the Basic Settings page.
- Type "Zoho One" in the Custom Application Name field.
- Enter the SP Entity ID or Issuer from the following table based on the Data Center (DC) your Zoho One account is present in.
Data Center | Corresponding Entity ID |
United States of America (US) | zoho.com |
Europe (EU) | zoho.eu |
India (IN) | zoho.in |
Australia (AU) | zoho.com.au |
China (CN) | zoho.com.cn |
- Enter the ACS URL in the ACS URL field.
- Click Next. You will land on the Attribute Mapping page.
- Select E-Mail Address under Name ID.
- Select urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress under NameID Format.
- Click Next. You will land on the Login Policy page. The Group Name is "DEFAULT" and cannot be edited.
- Enter a Policy Name and select a Login Method from the dropdown menu.
Note: NameID defines what the service provider expects in the subject element of the SAML response. NameID Format defines the format of the subject element content. Group Name refers to the group of users in your organization that have access to SAML SSO. Policy Name refers to the name of that policy which will be enforced for users who try to access certain apps that require single sign-on. Login Method refers to how users will sign in to their account.
- Click Save. You will be redirected to the APPS page.
- Click Select next to the Zoho One app you configured, then click Metadata.
- If you want to set miniOrange as your IdP, click Show Metadata Details under INFORMATION REQUIRED TO SET MINIORANGE AS IDP. Otherwise, if miniOrange acts as a broker service between your actual IdP and the SP, click Show Metadata Details under INFORMATION REQUIRED TO AUTHENTICATE VIA EXTERNAL IDPS.
- Click Download Certificate.
- Copy the SAML Login URL and SAML Logout URL, then use the information to set up SAML in Zoho One.
- Paste the SAML Login URL in the Sign-in URL field.
- Paste the SAML Logout URL in the Sign-out URL field.
- Browse and upload the X.509 Certificate in the Verification Certificate field.
Test the SAML connection
Add yourself to the group DEFAULT to test the connection.
- Go to Zoho One.
- Enter your email address, then click NEXT.
- Click Sign in another way.
- Click Sign in with SAML. You will be redirected to sign in through miniOrange.
Related Articles
Custom authentication with PingOne
Configure SAML with PingOne Go to PingOne. In the Select Account dropdown menu, select PingOne. Enter your email address, then click SIGN ON. Enter your password, then click Sign On. Click the dropdown menu in the left pane under Environments, then ...
Set up custom authentication for Zoho One
Custom authentication enables SAML-based single sign-on (SSO) from your preferred identity provider (such as Okta or OneLogin) to Zoho One. Once custom authentication is configured, your users can sign in without their Zoho One passwords. They will ...
Custom authentication with CyberArk
Configure SAML with CyberArk Sign in to the CyberArk admin console. Click Web Apps under Apps in the left pane. Click Add Web Apps, then search for "Zoho". Click Add next to the option Zoho - SAML. Click Yes in the pop-up window that appears, then ...
Custom authentication with OneLogin
Custom authentication with OneLogin enables SAML-based single sign-on (SSO) from OneLogin to Zoho One. With SSO, you and your employees can sign in to OneLogin and access Zoho One directly, without having to sign in to Zoho One. To set up custom ...
Custom authentication with Google
Custom authentication with Google enables SAML-based single sign-on (SSO) from Google to Zoho One. With SSO, you and your employees can sign in to Google and access Zoho One directly, without having to sign in to Zoho One. To set up custom ...