SAML

Profound supports Enterprise SSO over the SAML protocol, allowing you to create authentication strategies for an IdP. The following IdPs have been validated as compatible: Microsoft Azure AD, Google Workspace, and Okta Workforce. However, Profound is designed to integrate with any other IdP that supports the standard SAML protocol.

Allow subdomains

Authenticating via SAML SSO requires the user’s email address domain to match the exact domain the SAML connection has been configured with. By default, subdomains are not supported. For example, a user with the email addressjohn-smith@dev.tryprofound.comwouldn’t be able to use a SAML connection with the tryprofound.com domain to authenticate.
To enable the subdomains option, your SAML connection domain must be an eTLD+1.

OIDC

Profound supports enterprise SSO by integrating with any OIDC-compliant provider.

Next Steps

Configure SAML SSO - Step-by-step guide for setting up SAML-based authentication Configure OIDC SSO - Instructions for implementing OIDC-based authentication

Support

To set up Enterprise SSO for your organization, please contact support@tryprofound.com.