User experience when using SAML 2.0 with Okta
We're testing the use of SAML 2.0 for authenticating to Smartsheet. The default login page doesn't include the "Your Company Account" option. It seems users have to somehow know to type in their email address (without a password) and click Log In, at which time Smartsheet recognizes which authentication methods are available for your domain. Then the user needs to click again to login. This just doesn't make for a smooth or user-friendly single-sign-on experience.
Does anyone have any experience implementing SAML 2.0 and have any tips on how to make the user experience better?
Fig 1 - Normal Log In page (notice missing "Your Company Account")
Fig 2 - Login page after entering email address and clicking Log In button
Best Answer
-
What you're seeing/describing is the user experience for the very first time logging in - you are correct that the email needs to be entered in order for the login to recognize what options are available for that account. (See: Available Sign In Options)
However, once the browser has stored cookie data after this initial login, then the next time they access this page it should automatically skip to your second image and show the available options for that user.
Another detail that may help make this login experience smoother is adding in a CNAME to your configuration which will automatically send your users to a company specific URL when they enter their email. See step 4 in this article, and the section labelled "Direct People to Sign in at a Friendly CNAME URL".
Cheers,
Genevieve
Need more help? 👀 | Help and Learning Center
こんにちは (Konnichiwa), Hallo, Hola, Bonjour, Olá, Ciao! 👋 | Global Discussions
Answers
-
What you're seeing/describing is the user experience for the very first time logging in - you are correct that the email needs to be entered in order for the login to recognize what options are available for that account. (See: Available Sign In Options)
However, once the browser has stored cookie data after this initial login, then the next time they access this page it should automatically skip to your second image and show the available options for that user.
Another detail that may help make this login experience smoother is adding in a CNAME to your configuration which will automatically send your users to a company specific URL when they enter their email. See step 4 in this article, and the section labelled "Direct People to Sign in at a Friendly CNAME URL".
Cheers,
Genevieve
Need more help? 👀 | Help and Learning Center
こんにちは (Konnichiwa), Hallo, Hola, Bonjour, Olá, Ciao! 👋 | Global Discussions
-
@Genevieve P. Thank you! We're setting up the CNAME right now and I didn't realize about the cookies. Once I cleared the app.smartsheet.com cookie from my browser, I was able to get it to remember this when I tried to login again. With some instruction, the user experience with SAML (Okta) will be much better going forward.
-
No problem! I'm glad this will be better for you going forward. 🙂
Need more help? 👀 | Help and Learning Center
こんにちは (Konnichiwa), Hallo, Hola, Bonjour, Olá, Ciao! 👋 | Global Discussions
Categories
- All Categories
- 14 Welcome to the Community
- Smartsheet Customer Resources
- 63.9K Get Help
- 410 Global Discussions
- 220 Industry Talk
- 458 Announcements
- 4.8K Ideas & Feature Requests
- 143 Brandfolder
- 136 Just for fun
- 57 Community Job Board
- 459 Show & Tell
- 31 Member Spotlight
- 1 SmartStories
- 298 Events
- 37 Webinars
- 7.3K Forum Archives