SAML setup
NameDrop supports SAML 2.0 with all major identity providers. The setup is currently driven by NameDrop’s support team alongside your IdP admin during Corporate Plan rollout.
High-level flow
Section titled “High-level flow”- Tell us your IdP — Okta, Azure AD, Google Workspace, OneLogin, JumpCloud, ADFS, or any standard SAML 2.0 IdP.
- NameDrop generates the SP metadata — Entity ID, ACS URL, and SP certificate, all hosted at a per-tenant URL we share.
- You register NameDrop in your IdP — paste our SP metadata into your IdP’s app catalog as a custom SAML app.
- You send us your IdP metadata — Entity ID, SSO URL, and the IdP signing certificate.
- Attribute mapping — map
email,firstName,lastName(minimum) to NameDrop’s SAML attribute names. - Test the flow — NameDrop runs a test login against your IdP; you confirm the attributes flow through.
- Go live — NameDrop enables SAML enforcement on your tenant. Users hit your IdP for login from that point forward.
Required attributes
Section titled “Required attributes”| NameDrop expects | Standard SAML name |
|---|---|
email | urn:oid:0.9.2342.19200300.100.1.3 (mail) |
firstName | urn:oid:2.5.4.42 (givenName) |
lastName | urn:oid:2.5.4.4 (sn) |
Optional attributes (like department, title) can be passed through if you want them surfaced in NameDrop’s directory.
What about SCIM / auto-provisioning?
Section titled “What about SCIM / auto-provisioning?”SCIM-based provisioning isn’t available yet — NameDrop relies on email domain auto-detection: users who sign in via SSO whose email matches your org domain get auto-assigned to your tenant.
Get started
Section titled “Get started”Setup is a single short call with our team plus the IdP metadata exchange. Email hello@namedrop.io with your IdP name to kick things off.