SAML

Note: This login method is only available in the licensed Business + Enterprise editions

With the licensed edition it is possible use SAML authentication. Outline customers have successfully used Okta, Active Directory, Google SAML, OneLogin, and many others.

Configure Outline

Now we need to tell Outline where to find the SAML provider. Two new environment variables must be set inside of the environment (usually docker.env). Once the server is restarted, if all is setup correctly you should see a new option to “Continue with SAML” on the login screen.

Environment variable	Description
`SAML_SSO_ENDPOINT`	SSO Endpoint (also known as SSO URL, or SAML endpoint)
`SAML_CERT`	The public certificate, also known as `X.509 Certificate`. In a text editor delete the “-----BEGIN CERTIFICATE-----” and “-----END CERTIFICATE-----” text if they are included and all new lines. The resulting cert should be a single line.

Configure provider

We need to tell the SAML provider where to find Outline. You’ll need two pieces of information – the URL to complete authentication, and the Entity ID.

The URL (also known as ACS URL) is in the format of https://<your domain>/auth/saml.callback. The default entity ID is https://app.getoutline.com.