How to set up Single Sign-on (SSO) using SAML?

With Single Sign-On, you and more of your colleagues can access HappySignals easily. Activating SSO is free, and Admins can do it from Settings.

HappySignals supports single sign-on (SSO) using the industry-standard Security Assertion Markup Language (SAML). SSO support lets your organization manage HappySignals users with its existing infrastructure, such as an Active Directory maintained by the organization, or an identity management service provider such as OneLogin or Okta.

Data and privacy with SSO activated

When SSO is activated for your organization, HappySignals does not store any password information about users. Instead, your organization uses the SSO service to enable and disable access for your users.

HappySignals does, however, store limited information about users that is necessary for using the application: first and last name, as well as email address. In addition, any data that users create on the platform, such as Shortcuts or Milestones, is also stored.

HappySignals regularly maintains this data by removing any account that has not been used in the last 6 months. Account removal deletes all information about the user and any private items the user may have created.

Setting up SAML-based SSO

Only users with a HappySignals Administrator role can set up SSO for the organization. If you are an admin, activate SSO by starting from Settings > SSO.



Information that your IT team needs to provide to HappySignals

To configure SSO for your organization, HappySignals needs to receive three pieces of information provided by your IT team:

  1. Entity ID: Unique identifier for your SAML server (Identity Provider)
  2. Single Sign-on Service URL: The remote login URL for your SAML Server (Identity Provider), also known as the SAML Single Sign-On URL in some services.
  3. Certificate: The signing certificate in X.509 format that the SAML Server uses to digitally sign login details that are passed back to HappySignals.

Alternatively, if you have a metadata XML file that contains all the necessary details above to set up SSO on the HappySignals side, simply upload the file with the button in the top right.



Information that your IT team needs from HappySignals

To set up SSO for HappySignals, your IT team will need the following details:

  1. Entity ID: the Audience URI, also known as SP Entity ID
  2. Assertion Consumer Service (ACS) URL for your instance

Generally, these can be formed by appending /sso/saml to your HappySignals instance URL. For example, if the instance URL is

https://acmecorp.emea.happysignals.com

then both the ACS URL and the Audience URI will be

https://acmecorp.emea.happysignals.com/sso/saml

Additionally, the SAML server needs to be configured to provide the first and last name of the user, as well as his or her email address. Please ask your IT team to provide these details in the following fields (SAML Attribute Statements):

| Attribute name | Description | URI |
|---|---|---|
| firstName | User's first name (given name) | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname |
| lastName | User's last name (family name) | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname |
| email | Email address of user | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress |

If you wish, you can also download these settings in an XML file and provide that to your IT team. Download our XML metadata file from the link on the right of the SSO setup page.

Alternatively, if your instance address is https://acmecorp.emea.happysignals.com, you can download the metadata by changing the address to https://acmecorp.emea.happysignals.com/sso/saml/metadata

