Configuring SAML in Quick Base

This topic refers to functionality that is only available to accounts on the Quick Base Platform or Quick Base Unlimited plans. If you do not see the functionality described here, either your account or realm has not been configured to show it, or your account is not on one of those plans.

Before you begin

Important: If your company uses email aliases within your IdP, please contact Customer Care to coordinate setting up SAML for your realm.

Before you can configure SAML in Quick Base, you must:

  1. Configure an IdP that can communicate with your corporate access system using SAML 2.0. The IdP securely maintains user identity information and authenticates users through the corporate access system.

  2. Ensure that your IdP sends a specific set of attributes for authentication to work properly.

  3. Gather the following IdP details required to configure SAML in Quick Base:

    • Entity ID – This identifies the asset or realm you are trying to access. You should use your realm URL.

    • Sign-in URL – This URL is used by Quick Base to request authentication from the IdP (Destination in the AuthnRequest). It redirects the user to the client company's login page.

    • Sign-out URL (optional) – The URL that redirects the user to a web page after logging out of Quick Base.

    • Provider Name – How Quick Base is identified in your IdP logs, for example Quick Base.

    • Support page URL – A URL that redirects authentication issues to an internal IT tracking website.

    • Text for support link – A name in your IT department that provides your employees with a point of contact to report SSO errors.

    • Public certificate – The Identity Provider’s X.509 authentication certificate used to sign the SAML assertion XML before sending it to Quick Base.

Configuring via the Quick Base Admin Console

To configure SAML authentication in Quick Base:

  1. From the Admin Console, select SAML Authentication.

  2. From the SAML Authentication page:

    1. If SAML authentication has not been configured, select Configure SAML.

    2. If SAML authentication has been configured, the SAML authentication details display. Select Edit SAML Configuration to modify the existing SAML configuration settings.

    3. (Optional) If you are using a third-party identity management solution to configure and automate user provisioning for your realm with SAML, select SCIM.

  3. From the SAML Configuration page:

    1. If your IdP metadata details are formatted correctly and are available to upload from a file, click Upload IdP metadata. The fields below will automatically populate with their respective data.

    2. If you don't have metadata file, you must manually enter the data (which you previously gathered) into the required fields.

    3. Select Upload certificate to upload the Identity Provider’s X.509 authentication certificate (.cer) used to sign the SAML assertion XML before sending it to Quick Base.

  4. (Optional) To set advanced options such as the method used to encrypt the SAML assertion and to allow users to authenticate through SAML, select Advanced SAML Options. The default encryption method is AES256-bit.

  5. Select Next to save your SAML configuration settings.

The SAML Authentication page displays your SAML configuration settings and indicates your public certificate was uploaded. User authentication to your Quick Base realm using SAML has been successfully configured.

Related Topics: