Single Sign On with SAML

RippleMatch now allows you to use Single Sign On (SSO) to log into our platform. This is a Service Provider (SP) Initiated only feature.

SSO will allow users to log in to RippleMatch using your organization's SAML Identity Provider.

Skip to the setup information here.

What is SAML?

SAML (Security Assertion Markup Language) is an XML-based flow for authentication between two separate applications - an identity provider (IdP) and a service provider (SP). Interested in the technical specifics? — check out this easy to follow write up by OneLogin!

Benefits of SSO

This functionality is valuable for a number of reasons:

  • Security 🔐

    • centralized authentication

      • 1 less account/password to be managed

      • IT Admins can manage users. For example, if an employee leaves, that employee will lose access to RippleMatch through a naturally managed set of IT tasks within your purview. The same goes for when a new employee joins the company and requires access to RippleMatch. Admins can also typically determine a subset of users to grant SSO to a particular app.

  • Convenience 📈

    • centralized authentication - users don't need to remember another account

Setting up SSO with RippleMatch

Right now, in order to establish SSO with RippleMatch an admin on your account will need to contact your Customer Success Manager to start the process of enabling this feature on our backend.

Pro Tip: If this is the first time you're hearing all these terms... no worries! Feel free to CC someone from your Internal Technical/Security Team that can chat through these details as well!


In the "we want SSO enabled" email, please include the following information from your IdP (Identity Provider):

  • Entity ID:

  • SSO URL:

  • x509 Certificate:

  • This can also be via a unique URL or metadata file.

Note: Setting up SSO is a TWO WAY STREET. Essentially, we configure your information on our end, and you configure our information on your end.

SP (Service Provider) Configuration

We, RippleMatch, are the Service Provider and will provide a unique Metadata URL that contains the information below. This is the URL that your security team will use to connect to our SAML endpoint:

  • Metadata URL:

  • Entity ID:

  • ACS URL:

  • ECS Binding:

Signing in SSO on RippleMatch

Once established, logging in to RippleMatch with SSO can be done via the login page — ripplematch.com/login

Log In with SSO will ask users for the email address and then check if that email has been set up with SSO.

  • If the email is set up with SSO,

    1. and the user is already signed in to their provider, the user will be automatically logged in to RippleMatch

    2. and is not signed in yet, user will will be redirected to their SSO provider’s log in page

  • If the email is not set up with SSO, the user will see an error message letting them know that SSO has not been set up for that email

NOTE: Each individual user must be configured on your end first before they can log in via SSO into our platform. i.e., if a new user is added to the RippleMatch platform, they must be configured on your company's end so that SSO works for the new user.

Did this answer your question?