TripLog offers the option to set up Single Sign-On for Enterprise Accounts. This will allow your users to access the TripLog Mobile App and TripLog Web by using your company's single sign-on access. We support SAML 2.0 for the SSO configuration.
Configuration
Contact support for assistance with the configuration. They can provide access to the forms or communicate the setup to the team once validated.
A few things to note on our SSO process and configuration:
TripLog Users will no longer use the User Name (email) Password combination they may have been previously using in TripLog.
If users are currently logged in on the app, they will remain so. Any subsequent login attempts on the app or web will use SSO.
Users are not managed through the TripLog SSO connection. They will still need to be added to the TripLog account and possibly to the network group assigned to your application access. There are API options available to manage users (API Documentation)
Required Information to Provide to TripLog for Configuration:
All Domains for your Company Emails (public emails will not work, ie @gmail.com or @icloud.com)
Your IdProvider URL (usually the unique URL for the application) https://login.microsoftonline.com/40ca02c4-4d9a-91b5-78a4-5b87c97c33e3/saml2 or https://myorg.okta.com/app/myorg_triplog/wxj7C4kz1d8exk1sak93/sso/saml
TripLog Application ID (You create this name, can be any string) It depends on your setup requirements. Examples:
Custom Name(OKTA/Managed SSO): TripLog01
Generated Application ID: 19fe6132-ffe2-43b7-b890-61d09fc20dfd
Items you will need to enter and provide to us the data entered:
Single Sign On URL: https://app.triplog.net/web/sso/login/[myorg]
Replace [myorg] with your company name or the entry you need
Reply URL: https://app.triplog.net/web/sso/saml
Make sure the nameID or Unique User ID (unique user identifier) in the returned packet is the user's email address.
Azure/MS Example
Example Configuration Entries for different configurations in Azure or MS AD.
Two different formats for the Application(Entity ID), both using the https://www.triplogmileage.com/web/sso/saml reply URL
OKTA Example
Example SAML Configuration Page in OKTA with Application ID of TripLog and the Single Sign On URL set as https://www.triplogmileage.com/web/sso/saml and the nameID format selected as EmailAddress
Questions and Troubleshooting:
We have multiple accounts but the same domain. Will SSO still work?
Yes, all users still need to have an existing entry in the application on your SAML application. When verified, TripLog will pass the user on to the correct account using the EMAIL as the ID to log them in.
We have some users with personal email accounts. Can we use SSO?
It is not possible to support generic emails like gmail.com and yahoo.com, so those users would not be able to log in until they had a matching domain email and were added to your application.
A note about existing configurations and the change to TripLog.net:
While new configurations will be completed under the app.triplog.net URL, the existing configurations that exist under the www.triplogmileage.com will continue to be supported. There is not need to update your configuration unless required by your security teams. Please contact support if there are any questions.