Submit a request

Articles in this section

See more

Single Sign On (SSO) Configuration

Avatar
Megan Eckelman
Updated
Follow

Introduction

Chime provides Single Sign-On (SSO) functionality for users to access the account through a single authentication source. As an administrator, you can enable SSO so that your members can use their company credentials to log in to all applications, including Chime. This requires you to configure SAML 2.0 between Chime and the identity provider. We support OneLogin, Okta, and Google.
This feature is only available to Chime Enterprise accounts.

Summary

What is SAML SSO?

SSO services allow a user to use one set of credentials (for example, an email address and password) to access multiple applications. The service authenticates the user only once for all the applications to which the user has been given permission when trying to log in to multiple applications.

Pre-requisites for SSO with Chime

  • Your Identity Provider (IdP) must support the SAML 2.0 standard.
  • Only Chime users with the permission "Manage User/Entire Company" enabled can configure SAML SSO for Chime. SSO is only valid for Enterprise and Multi-team packages.

Benefits of SSO

  • Streamlines user management across systems for team owners/admins.
  • Removes the need for end-users to remember and manage multiple passwords. Simplifies end-user's experience by allowing them to sign in at one single access point and enjoy a seamless experience across multiple applications.

 

Option to Require Login by SSO

The login method setting provides an option require all Chime users to sign into their Chime account, both website and mobile app, using Single Sign On (SSO). By default, if you have already set up SSO for your Chime account, the Login Method will be set to Any Method.01H8MFN74DTJWWEFDAGAJB97V6 (1434×936) and 8 more pages - Work 2 - Microsoft.. 2023-08-26 at 5.04.06 AM.jpeg

The permission to enable SSO is called the SSO Setting. You must have this permission enabled in order to enable or disable the SSO requirement.
01H8MFQ7GQPVZ9ZEZGT9X85PY2 (1436×938) and 7 more pages - Work 2 - Microsoft.. 2023-08-26 at 5.06.03 AM.jpeg


Configuration in Chime

To configure Single Sign On in your Chime account, follow these steps:

  • Navigate to the CMS tool. Within the Settings, select SSO Configuration
  • Toggle the setting On to get started

mceclip0.png

The SAML SSO Configuration modal is divided into two parts:
  1. Set Application in SSO Third Party: SSO URL and SP Entity ID. Copy and paste it to your Identity Provider (IdP)
  2. SAML identification: An IDP metadata XML needs to be uploaded. For more information on where to obtain this file, please refer to the IDP Setup below.

mceclip1.png

After you complete the SAML SSO configuration, the users in your team can log in Chime via SMAL SSO or through their original Chime account.

Identity Provider (IdP) Setup

Here, we've included instructions for setting up Chime SAML SSO with Google Workspace, Okta, and OneLogin. If you use a different Identity Provider and need assistance with configuration, please contact Chime support at support@chimeinc.com.

Google Workspace

Below, please see the reference documents for Google
Step 1: Create a new application integration
  1. Sign in to your Admin counsel at https://admin.google.com/.
  2. From the Admin console Home page, go to Apps > Web and mobile apps.
  3. Click Add App > Add custom SAML app.

SSO6.png

Step 2: Configure SAML Settings in Google Workspace
  1. In Chime, go to the Settings-->SSO Setting
  2. Copy the SSO URL and SP Entity ID from Set Application in SSO Third Party.
  3. Paste to the corresponding fields.

Single Sign On (SSO) Configuration – Chime Support (Chime Technologies, Inc.. 2023-08-26 at 4.56.28 AM.jpeg

4. Map the primary email to the email in-app attributes

SSO8.png

5. Turn on the service

SSO9.pngSSO10.png

Step 3: Configure SAML Settings in Chime

1. Download SAML Metadata

SSO11.png

2. Upload SAML Metadata to Chime and turn on the switch

SSO12.png

3. Turn on the SSO switch

 

Okta

Step 1: Add Chime to Okta's application

1. Log in to Okta. Make sure you are in the administrative instance of your Okta developer account.

2. Go to the Application tab, click Create App Integration

SSO13.png

 3. Click "Create New App"

4. Select Web as your platform and SAML 2.0 as your Sign-in method then click "Next".

SSO14.png

Step 2: Configure SAML settings in Okta
1. In Chime, go to the Settings-->SSO Setting
2. Copy the SSO URL and SP Entity ID from the Set Application in SSO Third Party.
3. Paste to the corresponding fields
SSO15.png
4. Click "People" and "Create Users"
SSO16.png
5. Activate the user and set a password
SSO17.png
Step 3: Configure SAML Settings in Chime
1. Copy IDP Metadata and format it in https://jsonformatter.org/xml-formatter
SSO18.pngmceclip0.png
mceclip1.png
2. Upload SAML Metadata to Chime and turn on the switch
SSO20.png

 

OneLogin

Step 1: Create a new application integration
1. Log in to OneLogin
2. Go to Applications
SSO21.png
3. Add a new SAML Custom Connector (Advanced) App
SSO22.png
Step 2: Configure SAML Settings in Chime
1. In Chime, go to the Settings-->SSO Setting
2. Copy the SSO URL and SP Entity ID from Set Application in SSO Third Party.
3. Paste to the corresponding fields.
SSO23.png
4. Click the Users tab in the top left and add yourself and any other users that should have access to private content to the OneLogin application you created.
5. The email must be the same as that used in the Chime account.
SSO24.png
6. Add the application for these users.
SSO25.png
7. Create a password for the users.
SSO26.png
Step 3: Configure Chime in OneLogin
1. Download SAML Metadata
SSO27.png
2. Upload SAML Metadata to Chime and turn on the switch
SSO28.png
3. Complete the configuration and your members can log in to Chime via SSO
If you encounter errors when setting up SAML SSO, check to make sure your IDP's metadata, SAML requests, and responses are valid XML against the SAML XSD schemas. You can do so using this online tool: https://www.samltool.com/validate_xml.php

Questions?

If you have any questions regarding this topic or any others, please reach out to our Support Team via email at <support@chimeinc.com>, by phone at 1 (855) 981-7557, or by a chat with us through your Chime CRM.

Related articles

Comments

0 comments

Please sign in to leave a comment.

All Rights Reserved.

Contact Us: support@chimeinc.com | 8:00 AM - 8:00 PM EST, Mon - Sun