This article discusses SSO (single sign-on), a feature that is only available to Podbean Business Pro and Enterprise plan accounts.
If you're the admin of a Podbean Business account on a Pro or Enterprise plan, you can let private members access Podbean by signing in via a central identity provider. With single sign-on (SSO), you can put the identity provider you already trust in charge of authentication, and private members can access Podbean without another password to manage.
How do I set up SSO with Podbean?
With Podbean, it is easy to set up SSO. There are only 2 steps:
1. Download the Podbean SSO metadata file in your Podbean account (Company Dashboard>"Settings" > “SSO Login”) and give it to your SSO Admin.
If your SSO Admin needs to manually enter SSO configuration parameters, they may use the following data:
EntityID:
Reply URL:
https://www.podbean.com/saml/module.php/saml/sp/saml2-acs.php/podbean
Logout URL:
https://www.podbean.com/saml/module.php/saml/sp/saml2-logout.php/podbean
2. Get your company SSO IdP metadata file from your SSO admin and upload it to your Podbean account.
An SSO IdP Metadata File (should contain all the following information):
- Entity ID, Connection ID, or External Key
- Redirect URL
- Public Certificate
Your organization’s email domain
- Once SSO is turned on, users can sign in to Podbean by entering just their email address. This will redirect them to your identity provider's sign-in page, where they can enter their SSO login credentials.
Your organization name (optional)
- This is the alternative option to an email domain. If your users don’t have email addresses with the same organization domain, you can let your users enter this organization name in Podbean’s SSO login. Users will be redirected to your identity provider's sign-in page, where they can enter their SSO login credentials.
An SSO Test account
- This account will be used to test SSO login after we complete the SSO setup for your organization.
Will Podbean SSO work with our system? (What identity providers do you support?)
Podbean uses the secure and widely adopted industry standard Security Assertion Markup Language (SAML), which means our implementation of SSO integrates easily with any identity provider or organization that supports SAML. If you've built your own SAML-based federated authentication process, we integrate with that too. We support service provider initiated SAML.
After initiating SSO, what happens to computers and mobile devices that are already linked to Podbean accounts?
All computers and mobile devices that are already linked to Podbean accounts will continue to work normally when you enable single sign-on. If users need to relink a device or link a new one, they can use SSO login or their Podbean account email/password they used before.
How do we manage SSO login users?
Users are automatically added into your private member list after they login using SSO. You can view and manage (delete, manage group permissions, etc.) the members in your dashboard.
How does SSO work for users on Podbean?
SSO Login on your white label app:
If we create a white label app for your organization, users will see an SSO login button when they open the app.When they click the “SSO Login” button they will be redirected to your organization’s (or the identity provider's) sign-in page, where they can enter their SSO login credentials. Once users get authenticated, they will be redirected back to the app and be logged in.
SSO Login via your Podbean organization page:
When users visit your Podbean organization page, they will be redirected to your organization’s (or the identity provider's) sign-in page, where they can enter their SSO login credentials. Once users get authenticated, they will be redirected back to your organization page and be logged in.
SSO login via www.podbean.com:
Users can click “Sign in with SSO” on the login page. They can enter an email or the organization name, so our system knows which organization this user belongs to. Then they will be redirected to your organization’s (or the identity provider's) sign-in page, where they can enter their SSO login credentials. Once users get authenticated, they will be redirected to your organization page and be logged in.
SSO login on the Podbean podcast app:
When users open the Podbean app, they can click “Login Now” at the bottom of the page and choose “Sign in with SSO”.
They can enter an email or the organization name, so our system knows which organization this user belongs to. Then they will be redirected to your organization’s (or the identity provider's) sign-in page, where they can enter their SSO login credentials. Once users get authenticated, they will be redirected to the app and be logged in.
