Skip to main content
Question

Selecting an Idenity Provider for SAML/SSO

  • April 21, 2025
  • 5 replies
  • 39 views
KMallette
Hero II
Forum|alt.badge.img+9

Hello,

I need to setup an easy to administrate Identity Provider (IP) for a new Docebo platform I am launching. I’ve done SAML2.0 in Docebo previously, but this time I need to find the IP provider.

I need this provider to be SaaS, and have the ability to batch upload new approved users. I can’t use anything that requires an IT department to support it.

I also need to AVOID social media assignments, which it seems like Auth0 requires.

I know Okta using Auth0, I know of ID.me.

Anyone using/liking something else?

Thanks!!

KMallette, Surgical Training Institute (STI) (previously with Viasat, Inc.)
JZenker

5 replies

JZenker
Guide II
Forum|alt.badge.img+2
  • JZenker
  • Guide II
  • April 21, 2025

With something as technologically complicated as setting an IdP, I would only take suggestions from your IT team to mirror what’s allowed under their global policy. 

Are you looking to allow external users to login via SSO - is that where the need arose?

Setting something like this up is a large undertaking without an IT department. You can also take a look at PingFederate, or the easiest - Azure.

 

KMallette
R
Helper I
  • rterakedis
  • Helper I
  • April 21, 2025

It’s been a while since I’ve used them, but Okta (not Auth0, but the actual Okta platform) was a great SAML/SSO provider that was fairly vendor-agnostic, had nice workflow features, and was flexible about the format of the username.  I believe they also have a feature (okta integration network?) that was supposed to simplify SSO setup with a number of SaaS apps.  One of the things I particularly liked is their Developer Center documentation and the fact you can sign up for a developer org (basically like  trial of their software you can play/test with).   

That said, choosing an IDP is no small task:

  • Pricing Per User
  • Plans to integrate with other SaaS apps for SSO?
  • Is there already another IDP in place -- Google Workspace, M365 (Microsoft Entra ID), etc?

I know you say you can’t have an IT department support it, but complexity will depend on how many apps you plan to integrate with the IDP.   Also, if there are other directories/identities already in play (LDAP, Active Directory, Google/Microsoft, etc),

Honestly, I think you can batch create users directly in Docebo & branches.  I’d be curious to know why you would need a separate SAML/SSO provider than the one that may already be in use by the IT services in your org, or other resources at your org (i.e. any other places customers login, such as help desk ticket portals, knowledgebases, etc).

 

KMallette
KMallette
Hero II
Forum|alt.badge.img+9
  • KMallette
  • Author
  • Hero II
  • April 22, 2025

With something as technologically complicated as setting an IdP, I would only take suggestions from your IT team to mirror what’s allowed under their global policy. 

Are you looking to allow external users to login via SSO - is that where the need arose?

Setting something like this up is a large undertaking without an IT department. You can also take a look at PingFederate, or the easiest - Azure.

 

Hi, ​@JZenker Therein lies the greatest challenge … this company has NO IT department, NO IT stack, NO global policy. Google apps, SmartSheets, and WordPress is the sum total of their technology. Adding Docebo is a big step up for them.

My users will have a unique identifier granted by their industry. We need to use this ID to validate them into Docebo via an Auth0-type platform. I plan to load the IdP with these identifiers (routinely), so that if/when they come to create a Docebo account, the IdP will allow them in.

KMallette, Surgical Training Institute (STI) (previously with Viasat, Inc.)
KMallette
Hero II
Forum|alt.badge.img+9
  • KMallette
  • Author
  • Hero II
  • April 22, 2025

It’s been a while since I’ve used them, but Okta (not Auth0, but the actual Okta platform) was a great SAML/SSO provider that was fairly vendor-agnostic, had nice workflow features, and was flexible about the format of the username.  I believe they also have a feature (okta integration network?) that was supposed to simplify SSO setup with a number of SaaS apps.  One of the things I particularly liked is their Developer Center documentation and the fact you can sign up for a developer org (basically like  trial of their software you can play/test with).   

That said, choosing an IDP is no small task:

  • Pricing Per User
  • Plans to integrate with other SaaS apps for SSO?
  • Is there already another IDP in place -- Google Workspace, M365 (Microsoft Entra ID), etc?

I know you say you can’t have an IT department support it, but complexity will depend on how many apps you plan to integrate with the IDP.   Also, if there are other directories/identities already in play (LDAP, Active Directory, Google/Microsoft, etc),

Honestly, I think you can batch create users directly in Docebo & branches.  I’d be curious to know why you would need a separate SAML/SSO provider than the one that may already be in use by the IT services in your org, or other resources at your org (i.e. any other places customers login, such as help desk ticket portals, knowledgebases, etc).

 

Hi, ​@rterakedis I don’t need a separate IdP, I need any IdP. There are no other apps that need to be authenticated, just Docebo. My users will have a unique identifier granted by their industry. We need to use this ID to validate them into Docebo via an IdP. I plan to load the IdP with these identifiers (routinely), so that if/when they come to create a Docebo account, the IdP will allow them in.

We’re looking at Okta, but the Auth0 platform because they have a self-serve free subscription for 25,000 MAU. This will more than cover our needs. I’ve used Okta in the past, very successfully. The Auth0 setup isn’t beyond my skills, just a really heavy lift. Hence my looking a bit further afield.

KMallette, Surgical Training Institute (STI) (previously with Viasat, Inc.)
JZenker
Guide II
Forum|alt.badge.img+2
  • JZenker
  • Guide II
  • April 22, 2025

With something as technologically complicated as setting an IdP, I would only take suggestions from your IT team to mirror what’s allowed under their global policy. 

Are you looking to allow external users to login via SSO - is that where the need arose?

Setting something like this up is a large undertaking without an IT department. You can also take a look at PingFederate, or the easiest - Azure.

 

Hi, ​@JZenker Therein lies the greatest challenge … this company has NO IT department, NO IT stack, NO global policy. Google apps, SmartSheets, and WordPress is the sum total of their technology. Adding Docebo is a big step up for them.

My users will have a unique identifier granted by their industry. We need to use this ID to validate them into Docebo via an Auth0-type platform. I plan to load the IdP with these identifiers (routinely), so that if/when they come to create a Docebo account, the IdP will allow them in.

Wishing you the best with this project! Be sure to make more posts if you need help - 

Terms & ConditionsCookie settingsAccessibility statement