Privacy Bee supports SAML which allows you to use your own Identity Provider in order for your employees to log into Privacy Bee’s system. Below you will find instructions on how to setup SAML. This page will include the generic instructions that are applicable to the SAML specification, or you can check our the links below that will give specific examples across various Identity Providers.

Privacy Bee supports SP (Service Provider) initiated SSO login. Which means that users will come to Privacy Bee and when they attempt to login with their email it will redirect them to your Identity Provider to verify credentials and afterwards they will be redirected back to the Privacy Bee application and be logged in.

Configuration Instructions

Getting the information from your Identity Provider needed for Privacy Bee

• You will go to your idP (Identity Provider) and find the section for setting up SAML Applications, nomenclature varies amongst providers however they are typically setup as Apps or they have a dedicated section for SSO with SAML applications.
• You will want to create a new SAML application which will give you the information you need that needs to be input into Privacy Bee. The information you are looking for is
  • SSO URL or sometimes called Login URL
  • Entity ID
  • x509 Certificate

Setting up Privacy Bee

If you navigate to your Business Settings page and select Authentication you will see three boxes in the SAML Identity Provider section. You will want to copy the 3 fields from your idP here and click Update.

Setting up your Identity Provider

• You will notice on the Privacy Bee page there are two URLs (Entity ID and ACS/Login URL). These need to be input into your Identity Provider.
• The final thing to look for is the Name ID you will want to make sure that the Name ID is specified as Email which is usually the default.
• Once you save those settings in your idP you should be ready to test logging in.

Testing login

We do not recommend turning of PIN login until you have confirmed that you are able to successfully login via your Identity Provider.

Return to the Privacy Bee App and you will want to logout which will take you to the login screen. Enter your email as normal and when you login you will be prompted to either Login With Code or Login With SSO. Choose SSO and you should be redirected to your Identity Provider where you will login as you normally do. Once authenticated you will be returned to the Privacy Bee application and be logged in there as well.

If you get any errors during the Login process go back and verify that all URLs were copied correctly as it is most likely related to an issue with one of the URLs being incorrect either in Privacy Bee or in your Identity Provider.

If you continue to have issues please do not hesitate to reach out to your Account Manager who will always be happy to help.