Turtl users can utilize their SSO credentials to work on their Turtl Docs from a variety of platforms
Learn how to enable logging in to Turtl with Azure AD
Audience URI / SP Entity ID (first field highlighted on the screenshot) – https://%cname%
Reply URL (Assertion Consumer Service URL) – https://%cname%/user/login/callback
Audience URI (SP Entity ID) – https://%tenant%.turtl.co (first field highlighted on the screenshot)
Reply URL (Assertion Consumer Service URL) – https://%tenant%.turtl.co/user/login/callback
Before getting started: To configure this integration you'll need to have an Okta account with admin privileges. If you don’t have admin privileges, please contact your account administrator.
Click on the down arrow next to ‘Applications’ in the menu on the left-hand side and click ‘Applications’.
Single sign-on URL – https://%cname%/user/login/callback
Audience URI (SP Entity ID) – https://%cname%
Name ID format - ‘EmailAddress’.
Application username - ‘Email’.
Leave all the other fields blank and click ‘Next’.
Select ‘I'm an Okta customer adding an internal app’ and click ‘Finish’.
Single sign on URL – https://%tenant%.turtl.co/user/login/callback
Audience URI (SP Entity ID) – https://%tenant%.turtl.co
You should now be on the ‘Sign On’ tab of the new app.
Before you continue to the setup instructions, make sure you assign access to everyone who needs to use Turtl under the 'Assignments' tab.
Anyone who isn't on the list will not be able to use the Turtl app.
Identity Provider Single Sign-On URL
Identity Provider Issuer
X.509 Certificate
Please send Identity Provider Single Sign-On URL and certificate via this form. We will then finish the integration on our end and let you know once everything's complete.
Only users who already have access to Turtl (i.e. are on the Turtl users list) will be able to log in to Turtl admin tool via Okta SSO and have access according to permission of their user role.
Anyone who isn't added to the Turtl app, but has been assigned access to Turtl via Okta, will be able to view Turtl Docs that are set to the ‘Anyone at my company’ access control.
You can set SSO protection for both published Docs and drafts in Doc settings.
Configure your ACS (Assertion Consumer Service) URL to listen for the following IdP requests and Entity ID.
ACS URL (Reply URL) – https://%cname%/user/login/callback
Identifier (Entity ID) – https://%cname%
Please provide the below SSO details via this form.
We'll then enter it on our end.
A sign on URL (an HTTPS endpoint of your identity provider - IdP) for single sign-on requests, which is available in your IdP configuration.
For example, if you're using Google's SSO, your IdP URL might look something like this: https://accounts.google.com/o/saml2/idp?idpid=A00abc2z1
ACS URL (Reply URL) – https://%tenant%.turtl.co/user/login/callback
Identifier (Entity ID) – https://%tenant%.turtl.co
A sign-on URL (an HTTPS endpoint of your identity provider - IdP) for single sign-on requests, which is available in your IdP configuration.
For example, your certificate might look something like this:
-----BEGIN CERTIFICATE-----MIIDdDxxalTgddIisPIGddivnlAZda0GddqGwIbcDQEBddtadcwAlDddBgNVBaoTA0dvb7dwZwBJbddtdRTwlaTDVQQcEw4NbcVtdGlpbiBWddVcdQ8wDQTDVQQDEwZcb79nbGtAGDddBgNVBddTD0dvb7dwZwBGbcIgV79TazELdakGa4tEBcdAVVdAEzaRBgNVisPTAkNcbGldbcJtddEwccANdTkwdjaTdTkAdDE0WcANdjQwdjxxdTkAdDE0WjB7dRQwEgTDVQQKEwtcb79nbGtgwWPjLjEWdBQGa4tEBAdNTW94bnRcdd4gVdlldzEPda0Ga4tExxdGR79vZ7AldRgwlgTDVQQLEw9cb79nbGtgRd9TIldvAdwAAzaJBgNVBaTTalVTdRdwEQTDVQQIEwpDTWApZd9TbdlcdIIBIjaNBgkqckiG9w0BaQElxxOxxQ8adIIisPKxxQEanIjPpEdt7w7dgxx77Qt4jA9dl7PBObZtwdPWjdZO74li4OpaPWddlALJAtegPTVdAGgAen9VlONRddTcgjrwi0T7tQAPcvPwcDlPwT0G94oD0legtw8ldT+7lnP8RZ0kPanz/KklDtnWTiGw8vaRltV/n/iAKw7ToAkilwlEq40tddwjP0QOwEcKD7Jvwoz0ZTlEL4DELT7KAjctTOTat0+9nLPRJA4OdtDLzlwAjcLADwwWog9wcQ7PZR+ojlLATwlN0Gw7ijlpaot40tBakp8ibzt0LAtAGE+77kdl7tq0LAGj7KcDzllATTAqVkdVeVtAQo0EdPwZo/tAQrtN4wIDaQaBda0GddqGwIbcDQEBddtaa4IBaQBg0TqoA7wGxxTg8WWpAKo4OrwRZAqldTcWodq4DEkEdclaOBPcTPANBv4A+rAcloid9adPe4IVTTOqZcecczcTtwltqc7zdgA7lV4OdtAIwt0QcdlIBWK7qlwOpv+8g7pGAza9w+zPwVLV7jlq/QdtcocTtgnd7AVogd7RDPTANwc9Ajwde7LTGwAjaikPdlc0JIpdIaTTcwVzcQJLbZEoZzZ4xxNbaiqlPlnKwwWKRTBlA/BATTd/TcnKnjkBPT8pgQAIlDQVjK89coevpPdnTcDDncwANgGbzA4dTWoN0dww4lel/jc7AdcpTaE8dcJT4GdDqPI9vtd0lAGE0tT8-----END CERTIFICATE-----
nameID
After we enter these details on our end, you'll be able to log in to Turtl via SSO.