Access to this feature can change based on your Quickbase plan. Learn more about feature availability and plans in Quickbase capabilities.
As an alternative to configuring SAML within Quickbase, you may decide to contact Quickbase Technical Support to assist you.
Your organization’s IT department must first configure a SAML IdP that will communicate with your corporate access system, using the SAML assertion details required. Contact your Quickbase Account Executive, Customer Success Manager, or Quickbase Technical Support if you need support.
Provide IdP details to Quickbase Technical Support
When the IdP configuration is complete, contact Quickbase Customer Care to provide the following IdP details:
-
Entity ID* – This identifies the asset or realm you are trying to access. You should use your realm URL, for example entityID="https://samltest.quickbase.com".
-
Sign-in URL* – This URL is used by Quickbase to request authentication from the IdP (Destination in the AuthnRequest). It redirects the user to the client company's login page.
-
Sign-out URL – The URL that redirects the user to a web page after logging out of Quickbase.
-
Provider Name* – How Quickbase is identified in your IdP logs, for example Quickbase.
-
Support page URL* – A URL that redirects authentication issues to an internal IT tracking website.
-
Text for support link* – A name in your IT department that provides your employees with a point of contact to report SSO errors.
-
Public Certificate* – The Identity Provider’s X.509 authentication certificate used to sign the SAML assertion XML before sending it to Quickbase.
* indicates a required item
Testing process
After Quickbase Technical Support receives your IdP information and before SSO SAML is pushed to your live production realm account, they perform the following steps to test the SSO SAML settings:
-
Quickbase Technical Support schedules a call with you during the work week (Monday through Friday) to schedule a test to ensure that everything is working properly. Note: Quickbase Technical Support requires 24 to 48 hours lead time to schedule the test. To test or implement changes during off hours, Quickbase Technical Support can accommodate on a case by case basis.
-
Quickbase Technical Support creates a test realm account environment to configure the SAML settings.
-
After a successful test on the test realm account, Quickbase Technical Support implements the same setup on the live realm account.
Email addresses
Contact Quickbase Technical Support or your Sales Engineer to supply a list of the email domains registered with your company. Users provisioned or invited into your realm with email addresses matching the company's email domain are required to authenticate through SAML. If you have existing Quickbase users, verify that their email addresses in Quickbase match the email addresses sent by the SAML IdP.
Important: The first time a user authenticates using SAML, Quickbase searches for an exact email address match to determine who (Quickbase user) is signing in. The email address in Quickbase must match the one that the SAML lIdP sends.
If the email addresses don't match the email addresses sent by the SAML IdP (for example, jdoe@example.com and jdoe@exampleinc.com), Quickbase won't recognize the sign-inattempt from the existing user, and will create a new user who won't have access to any of the existing user's apps. Quickbase treats the user as a new user when they sign in, and all of their Quickbase history is lost.