Single Sign-On (SSO) allows you to manage authentication using your organization’s Identity Provider (IdP). Users can log in with their existing corporate credentials, which improves both security and user experience by reducing password fatigue and centralized access control.
Solink uses the SAML 2.0 protocol to support SSO integrations.
Solink SSO Integrations
Solink supports the SAML 2.0 protocol and works with:
Azure Active Directory (AD)
Okta
OneLogin
JumpCloud
Note: Creating an SSO integration can be a lengthy process involving our Enterprise, Product and Engineering teams. Please be aware that an SSO integration may come with added costs and limitations.
SSO Flow Types
Solink supports both of the following SSO flow:
IdP-Initiated: Users log in by clicking the Solink title from your corporate dashboard.
SP-Initiated: Users visit solinkcloud.com, enter their email, and are redirected to your IdP.
Basic SSO: Users authenticate via their Identity Provider. All permissions, roles, and location access are manually assigned in Solink.
Advanced SSO: In addition to authentication, user roles and location groups are automatically provisioned based on attributes from the Identity Provider.
SSO Authentication Workflows
SSO integrations support two authentication workflows:
1. SP-Initiated (Mandatory)
With the SP-initiated flow, users will be redirected to their identity provider login page when they type in their corporate email address on solinkcloud.com.
2. IdP-Initiated (Optional)
With the IdP-initiated flow, users can select the Solink icon within the IdP service's dashboard to log in.
How to Configure SSO
To configure SAML-based SSO with Solink, first ensure you have your unique customer identifier (e.g., XXXXX). Please contact your Customer Success Manager to obtain your unique customer identifier.
Then, follow the steps below:
In your Identity Provider, enter the following SAML connection details:
SP Entity ID: urn:auth0:solink:XXXXX
Reply URL (ACS): https://solink.auth0.com/login/callback?connection=XXXXX
Name ID Format: Email address (should be unique and persistent).
Required attributes:
name: Full name of the user.
email: Email address of the user.
(Optional: Role and Location Provisioning): If using role and location-based access, configure the following additional attributes:
role: Solink user role (e.g., Manager, Admin). Only one value is supported per user.
locationGroups: Comma-separated list of location group IDs (as defined by your team)
locationList: Comma-separated list of store numbers (must match store numbers defined under an existing data integration)
Important Notes for This Step:
At least one of locationGroups or locationList must be present (you may include both).
Values are case-sensitive.
To grant access to all locations, include _ALL_LOCATIONS_ in either locationGroups or locationList.
All role values and locationGroups must be pre-configured in Solink.
locationGroups must not include individual store IDs. Use locationList to assign specific store numbers.
Send the following information to your Solink Customer Success Manager:
Your Sign-on URL
X.509 Certificate
A list of supported email domains
(Optional) Federation Metadata XML or Metadata URL (Azure/ADFS can auto-generate this)
If you're using role and location-based access provisioning, you can also send your list of user roles and location groups, and Solink can assist with configuring them in your environment.
Solink will validate these configurations and complete the setup.
Need Help with SSO?
If you're interested in enabling SSO or want to configure role and location-based provisioning, please contact your Customer Success Manager or email product@solinkcorp.com for setup or troubleshooting assistance.