mirrors/n8n-docs
2
0
Fork 0
mirror of https://github.com/n8n-io/n8n-docs.git synced 2025-11-20 17:48:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
5b3800a67f
n8n-docs/docs/user-management/saml/setup.md
Justin Ellingwood a7dc52d6e1
Change repo links to absolute file paths (#2829) 
Co-authored-by: Nick Veitch <nick.veitch@n8n.io>
2025-02-11 17:40:26 +00:00

3.5 KiB
Raw Blame History

title description contentType
Set up SAML Generic setup instructions for using SAML SSO with n8n. howto

Set up SAML

/// info | Feature availability

  • Available on Enterprise plans.
  • You need access to the n8n instance owner account to enable and configure SAML

Available from version 0.225.0. ///

This page tells you how to enable SAML SSO (single sign-on) in n8n. It assumes you're familiar with SAML. If you're not, SAML Explained in Plain English{:target=_blank .external-link} can help you understand how SAML works, and its benefits.

Enable SAML

  1. In n8n, go to Settings > SSO.
  2. Make a note of the n8n Redirect URL and Entity ID.
    1. Optional: if your IdP allows you to set up SAML from imported metadata, navigate to the Entity ID URL and save the XML.
    2. Optional: if you are running n8n behind a load balancer make sure you have N8N_EDITOR_BASE_URL configured.
  3. Set up SAML with your IdP (identity provider). You need the redirect URL and entity ID. You may also need an email address and name for the IdP user.
  4. After completing setup in your IdP, load the metadata XML into n8n. You can use a metadata URL or raw XML:
    1. Metadata URL: Copy the metadata URL from your IdP into the Identity Provider Settings field in n8n.
    2. Raw XML: Download the metadata XML from your IdP, toggle Identiy Provider Settings to XML, then copy the raw XML into Identity Provider Settings.
  5. Select Save settings.
  6. Select Test settings to check your SAML setup is working.
  7. Set SAML 2.0 to Activated.

Generic IdP setup

The steps to configure the IdP vary depending on your chosen IdP. These are some common setup tasks:

  • Create an app for n8n in your IdP.
  • Map n8n attributes to IdP attributes:
    Name Name format Value (IdP side)
    ttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress | RI Reference | ser email |
    ttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/firstname | RI Reference | ser First Name |
    ttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/lastname | RI Reference | ser Last Name |
    ttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn | RI Reference | ser Email |

Setup resources for common IdPs

Documentation links for common IdPs.

IdP Documentation
Auth0 Configure Auth0 as SAML Identity Provider: Manually configure SSO integrations{:target=_blank .external-link}
Authentik Applications{:target=_blank .external-link} and the SAML Provider{:target=_blank .external-link}
Azure AD SAML authentication with Azure Active Directory{:target=_blank .external-link}
Keycloak Choose a Getting Started{:target=_blank .external-link} guide depending on your hosting.
Okta n8n provides a Workforce Identity setup guide
PingIdentity PingOne SSO{:target=_blank .external-link}