New Ebook // 2024: A Year of Identity Attacks

Push Help Center
Ready to help
Help for administrators
Help for admins
Help for employees
Help for employees
Help for administrators
/
Push admin console

Does the Push admin console support SAML login?

In this section:

Yes. The Push admin console can be configured to work with your SSO provider so that Push administrators can log in using SAML.

You can set up SAML yourself by logging in to the Push admin console and then going to Settings > Organization.

SAML configuration - Settings page - KB 10123

Select Setup and then follow the steps in the setup wizard:

  • Select custom SAML.

  • Then create a SAML application in your IdP. Push will provide you with a single sign-on URL and a service provider entity ID. See below for a downloadable Push logo you can use when creating the application.

  • Next, configure the connection between Push and your IdP by entering a metadata URL and, optionally, choosing whether to sign the request. Alternatively, you can manually upload an X.509 signing certificate and add an SSO login URL.

  • Then map the attributes between your IdP and Push for your administrator accounts.

  • Finally, test the integration.

SAML setup wizard - KB 10123

You can use one of these Push logos for the application you created in your SSO app catalog.

Push logo for SAML app creation - round - KB 10123
Push logo for SAML app creation - square - KB 10123

Platform-specific guidance on creating SAML apps

If you have additional questions about creating a SAML app on your IdP, refer to these guides provided by the vendor:

Workflow changes after you implement SAML

Once you’ve completed the SAML setup, you can log in to the Push admin console with IdP-initiated flows. Go to your newly created Push Security tile in your IdP and select it to log in.

SAML config enabled - Settings - KB 10123

Once logged in to the admin console, you should see yourself listed on the Settings page under Organization > Administrators with a login method of SAML.

Once your administrators have all logged in via SAML, you can clean up the older password-based admin records by removing them from the Administrators table.

To add additional administrators in the future, you no longer need to send invitations using the admin console. Access control is now managed via your IdP.

If you would like to enable SP-initiated flows on the Push admin login screen, please contact our support team.

SP config enabled - Settings - KB 10123

Note: if your organization already has a Push tenant set up with SAML and you attempt to create a new tenant, you will see an error message: “Your organization already has an existing tenant and it is connected with SSO.” Work with your organization’s Push administrator if you need to be added to the admin team.

Need more help?
Questions, feedback, tech support, sales support - anything you need.
We’ll get back to you within a day.