Birdie
HomepageLog inSign up
Birdie Documentation
Birdie Documentation
  • 👋START HERE
  • What is Birdie?
  • Getting started
  • Invite teammates
  • 🎥Request Screen Recordings
    • Overview
    • Installation
      • 🧩Helpdesk Integrations
      • 🎨Customize Appearance
      • 👾Snippet
      • 🌐Browser compatibility
      • 🌎Languages
      • 🔌Web SDK
      • 🔗Universal Request Link
    • DevTools: Console Logs & Network Requests
    • AI Summary
    • Misc.
      • Forward recordings
      • Routing rules for folders
      • API
      • How-to's Library
  • 🎥Record my screen
    • Overview
    • Install Chrome extension
    • Recording Options
    • DevTools: Console Logs & Network Requests
    • Keyboard Shortcuts
    • Incognito Mode
    • Troubleshooting
      • How to quickly fix common recording errors
      • How to troubleshoot Microphone issues in Birdie Extension
      • How to troubleshoot Screen Recording issues in Birdie Extension
  • 🧩Helpdesk
    • 🟤Zendesk
      • Installation
      • Flows
        • Human Request
        • Zendesk Macros
        • Zendesk Ticket Form
        • Zendesk Auto-Reply
        • Zendesk AI Agents
        • Zendesk Agent Signature
        • Zendesk Widget (Classic)
      • Misc.
      • Analytics
      • Uninstall
    • ⚫Intercom
      • Installation
      • Flows
        • Human Request
        • Intercom Workflows
        • FIN
        • Intercom Messenger Home
        • Misc.
        • Analytics
    • 🟢Freshdesk
      • Installation
      • Flows
        • Human Request
        • Portal
        • Canned Answers
        • Auto Reply
        • Agent Signature
      • Analytics
    • 🟢Freshchat
      • Installation
      • Flows
        • Manual Request
    • 🔵Jira Service Management
      • Installation
      • Flows
        • Human Request
        • Customer Portal
      • Uninstall
    • 🟣Help Scout
      • Installation
      • Flows
        • Human Request
        • Saved Replies
        • Auto Reply
    • 🔵Salesforce Service Cloud
      • Request link - Installation
      • Flows
        • Human Request
        • Ticket Form
    • Others
      • 🟠Happyfox
        • Installation
        • Flows
          • Human Request
          • Support Center Ticket Form
      • ⚫Ada
      • 🟣Forethought
      • 🟠Hubspot
        • Flows
          • Human Request via Snippet
      • ⚫Service Now
        • Flows
      • 🟣Front
        • Flows
      • 🟢Zoho Desk
        • Flows
      • 🔵Crisp
        • Flows
      • ⚪Other Helpdesk
        • Flows
          • Human Request
          • Ticket Form
  • 🔐Security
    • Storage Location
    • Hide sensitive data
    • Auto data deletion
    • Recordings Privacy Settings
      • Incoming Recordings: Only Workspace Members Can Watch
      • Outgoing Recordings: Only Workspace Members + Selected Individuals Can Watch
    • GDPR opt-in
    • Two-factor authentication
    • Remote log out
    • SAML SSO
      • Setup SSO with Okta
    • SCIM
      • Okta settings
Powered by GitBook
On this page
  • ​Setup on Birdie
  • ​Setup on the IdP
  • Custom Attributes
  • ​Creating end-user accounts
  • ​Removing accounts
  • ​Security notice
  1. Security

SAML SSO

Access Birdie using your Identity Provider (Okta, Microsoft Azure, Google workspace, etc...)

PreviousRemote log outNextSetup SSO with Okta

Last updated 1 year ago

​Prerequisites for SSO with Birdie:

  • Your company’s identity provider (IdP) must support the SAML 2.0 standard.

  • You must have admin permission on the IdP.

  • You must be an admin of the Birdie organization you want to set SAML up on.

  • Disable for your Birdie workspace

SAML-based Single Sign-On (SSO) gives members access to Birdie through an identity provider (IdP) of your choice.

​Setup on Birdie

Once you have configured SSO on your IdP, you can enter metadata. If the setup is successful, administrators will see a confirmation dialog and the URL of the SSO login for end-users will be displayed.

Please note that Birdie does not send announcement emails when the setup is complete. It is the responsibility of the administrator to notify company employees and provide them with the login URL so they can access Birdie via SSO.

You'll need the following from your IdP metadata to register a SAML provider:

  • A label – this can be anything, it'll be displayed on the login page

  • A domain name

  • An entity ID

  • A Single Sign On URL

  • An X.509 certificate – make sure you copy and paste the whole certificate!

​Setup on the IdP

Most of these values can be copied directly into your IdP to complete configuration of SAML.

Birdie requires that the NameID contain the user’s email address. Technically we are looking for: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress as the Name-ID format – many providers (such as Google) will allow you set a format such as EMAIL.

Custom Attributes

Birdie will pull the following custom attributes from the SAML assert response and use them when creating the user.

Field
Description

first_name

first_name and last_name fields will be combined to produce the display name for the user in Birdie

last_name

first_name and last_name fields will be combined to produce the display name for the user in Birdie

​Creating end-user accounts

To add members, create accounts for them in your IdP. The first time a new member logs in to Birdie via the IdP, a Birdie account will be automatically created for them through IdP provisioning.

Set-up requires lowercase email addresses. Do not use mixed-case email addresses.‌

​Removing accounts

​Security notice

For security reasons, users who signed up for Birdie before the SSO was set up will need to log in using SSO. Also please note that activating your own SSO will prevent users to sign-in with our generic Birdie default Google Sign-in button.

To set up Birdie as a service provider, most SAML 2.0 compliant identity providers require specific information. This information is unique to your Birdie account and can be found in .

By default, members are added with the role agent. If you want a member to be an admin, you need to change their role via the Birdie .

When you remove a member from the Identity Provider (IdP), they will no longer be able to sign in to their corresponding Birdie account. However, this action will not delete the account from Birdie. To prevent further cookie-based access, we recommend that you manually remove the account from the member list in your .

🔐
Settings -> Security
team members page
Birdie Team settings page
Two-factor authentication
Enable SAML-based SSO