MURAL’s SSO (Single Sign-On) capabilities allow you to use a single set of login credentials across all types of MURAL apps like with web and mobile versions of MURAL. This process shows you how to set up SSO in MURAL.
To do this, you’ll need an IdP (Identity Provider). Common IdPs you can use include Microsoft Azure AD, Okta, OneLogin, and more.
Mural also allows for Just In Time Provisioning within SSO. We have Just In Time Provisioning enabled by default.
1. Download MURAL’s metadata file, here.
2. Go into your IdP and use this metadata file to configure the IdP. We cannot provide exact instructions on how to configure a specific IdP like Azure or OneLogin, because every IdP has a different interface. But eventually, your IdP should be able to generate a configuration XML file. If your IdP does not provide an XML file, you may manually enter the information in MURAL. Here is an example of what this process could look like in Okta:
Please configure these attributes:
1. Name ID - this should be formatted as emailaddress
3. First Name
4. Last Name
Email firstname.lastname@example.org and explain that you want to set up SSO.
In the email, include this required information:
a. IdP Metadata File
b. SAML Attribute names (aka claim attribute names) for Email, First name and Last name.
c. Domains (i.e. @customer.com) of your organization that should trigger the SSO login flow
Also in the email, you can include this optional information:
e. External ID. This is recommended if you have one. This is typically a unique identifier in your User Directory (e.g. employee identification number or user login) that wouldn't change even if the user's email changes.
*Specifications: In a MURAL Business plan, users need to be invited into the main workspace by the workspace admin. This is different than in a MURAL Enterprise plan where company admins can set up default workspaces that users can join automatically. For information on inviting users to a workspace, see this article.