SAML Authentication

Article Number:02034

This page describes how to integrate an existing Identity Provider (IdP) with Kintone using SAML authentication.
When SAML authentication is enabled, users can single sign-on (SSO) into Kintone by using user accounts registered with IdPs such as Microsoft Entra ID and Okta.

IdPs That Can Be Integrated with Kintone

The permanent link has been copied.

Kintone can be integrated with IdPs that support SAML 2.0.

When SAML authentication is enabled, Kintone acts as a Service Provider (SP) and uses SP-initiated SSO. The following bindings are used for the SAML request and SAML response:

  • SAML request: HTTP Redirect Binding
  • SAML response: HTTP POST Binding

Services That Support SAML Authentication

The permanent link has been copied.
SAML authentication can be used in all subscription types.
However, Kintone guests cannot use SAML authentication.

Steps to Enable SAML Authentication

The permanent link has been copied.

Configure both the IdP and Kintone by following the steps below.
IdP settings should be configured in advance.

Registering information of Kintone with the IdP
Register the information required to configure Kintone as an SP with the IdP.
STEP 1: Registering Kintone with the IdP
Configuring SAML Authentication for Kintone
On Kintone, enable SAML authentication and set the information of the IdP.
STEP 2: Configuring SAML Authentication for Kintone
Enabling to Use Only SAML Authentication When Logging In
If required, you can configure to use only SAML authentication when logging in to Kintone.
If this setting is enabled, users will not be able to log in to the service using password authentication.
STEP 3: Enabling to Use Only SAML Authentication When Logging In

Setting Guide

The permanent link has been copied.

For details on how to set SAML authentication using IdP such as Microsoft Entra ID or Okta, refer to the following page:
Authentication and User Management