Lola SAML 2.0 Single Sign On Guide

Use this page as your go-to resource for configuring SAML 2.0 for Lola.



  1. Supported Features
  2. Configuration Steps

Supported Features

The Lola SAML integration currently supports the following features:

  • SP-initiated SSO
  • IdP-initiated SSO
  • JIT (Just In Time) Provisioning
  • For more information on the listed features, contact your Lola Success Manager

Configuration Steps

Note: You will need to create a SAML 2.0 connector/app and email your Lola Success Manager the Metadata XML file.

Navigate to the ADVANCED SIGN-ON SETTINGS section in your SAML connector/app:

  • Find the “Identity Provider Metadata”

2. Log into Lola and head to “Manage”

  • Under the “Settings” tab, go to “Integrations.” Scroll down until you see the “SAML SSO” tile.

    Screen Shot 2020-05-04 at 11.29.00 AM
  • Copy the SAML metadata values from your identity provider into Lola

Screen Shot 2020-05-04 at 11.29.17 AM
Note: When copying and pasting values from the metadata url, do not include the opening and closing tags, or the quotes around the url.

Your identity provider’s SAML metadata may look like the image below. We’ve highlighted the fields that need to be copied and pasted.

Image from iOS (13)
  • Enter Lola’s values (ACS URL, Audience URI) from the wizard into your SAML app/connector.

  • Ensure that the SAML assertion contains an attribute named "Email". (Most identity providers have a User Attributes section where you can add the "Email" attribute and map it to a value from the identity provider. For example, Azure Active Directory allows you to create a User Attribute titled "Email" and map it to Azure's "user.userprincipalname" or "" values.)

  • Click Save, and you’re all set!



All done!