Ironclad
  Last reviewed:  8 months ago  
 This guide covers how to configure Ironclad ↗ as a SAML application in Cloudflare Zero Trust.
- An identity provider configured in Cloudflare Zero Trust
- Admin access to a Ironclad site
- In Zero Trust ↗, go to Access > Applications.
- Select Add an application > SaaS.
- For Application, enter Ironcladand select the corresponding textbox that appears.
- For the authentication protocol, select SAML.
- Select Add application.
- Copy the SSO Endpoint and Public key.
- Keep this window open. You will finish this configuration in step 3. Finish adding a SaaS application to Cloudflare Zero Trust.
- In Ironclad, select your profile picture > Company settings > Integrations > SAML.
- Select Add SAML Configuration > Show Additional IdP Settings.
- Copy the Callback value.
- Fill in the following fields:
- Entry Point: SSO endpoint from application configuration in Cloudflare Zero Trust.
- Identity Provider Certificate: Public key from application configuration in Cloudflare Zero Trust.  The key will automatically be wrapped in -----BEGIN CERTIFICATE-----and-----END CERTIFICATE-----.
 
- Select Save.
- In your open Zero Trust window, fill in the following fields:
- Entity ID: ironcladapp.com
- Assertion Consumer Service URL: Callback from Ironclad SAML SSO set-up.
- Name ID format: Email
 
- Entity ID: 
- Configure Access policies for the application.
- Save the application.
- In Ironclad, select your profile picture > Company settings > Users & Groups.
- Select Invite User.
- For Email addresses, add your desired email address for your test user.
- For Sign-in Method, ensure Sign in with (your-team-domain.cloudflareaccess.com) is selected
- Select Invite.
- In the invitation email sent to the test user, select Join now. You will be redirected to the Cloudflare Access login screen and prompted to sign in with your identity provider.
- Once this is successful, you can contact your LE, CSM POC, or support@ironcladapp.comto migrate existing users to SSO login.