This page describes the process for configuring Twilio Console Single Sign-On (SSO) using the old way, which requires you contacting Twilio Support and providing your Identity Provider details. Enabling/disabling any of your users for SSO also requires you to create a support ticket.
We recommend using the new Self-Service SSO product which makes it easier for you to configure and manage SSO for your organization.
Please note that SSO for Console is only available to customers with Twilio Enterprise Edition or Twilio Administration Edition. For more information, please talk to sales.
Customers have to work with Twilio Support to set up and configure SSO. The integration steps are:
To configure SSO, you will need to provide the following details. Your IdP may provide this as a combined XML file:
GET
or POST
requests). Please ensure this URL is publicly accessible.POST
request).Twilio will provide its Entity ID and Security Token Consumer URL so that you may properly configure your IdP.
SAML responses must be signed, but we do not need the assertions to be signed. If you need additional security capabilities, please let us know.
To deploy the SSO integration, your staff and Twilio Support must validate that Twilio successfully integrates with your IdP, and that your users can log into Twilio.
The integration testing involves the following steps:
The next step is to identify the full set of users that you want to enable for SSO. This can be done in one of several ways:
Based on the preferred method, Twilio will provide a list of users for whom it will enable SSO. You must review the list and ensure that these users exist within your IdP.
If an employee is using an alias that does not exist within your IdP, we may not be able to enable SSO for that user's account.
Once you have reviewed the final list of users, we can enable SSO for those users in the Console. You must ensure that your IdP is also appropriately configured to allow access to the Twilio application.
Before Twilio enforces SSO, we recommend that you inform these employees that they will be logging into Twilio via their IdP. Once you give us the go-ahead, we will start enforcing SSO for the specified users.