To simplify user and password management, Hosted~FTP~ Enterprise T2+ accounts and above can implement Single Sign-On (SSO) for user logins to securely authenticate and access multiple applications using one set of login credentials from one of our supported IDPs.
Current Supported IDPs
*Please note: Hosted~FTP~ supports both OpenID Connect and SAML 2.0
Configuring Azure AD with OpenID
Please add the following sign-in redirect URIs to your SSO OpenID Connect provider registrations.
Server location | Sign-in redirect URI |
Virginia | Https://us1.hostedftp.com/openidconnect |
Virginia | Https://us2.hostedftp.com/openidconnect |
California | Https://us3.hostedftp.com/openidconnect |
Oregon | Https://us4.hostedftp.com/openidconnect |
Ireland | Https://ie1.hostedftp.com/openidconnect |
Frankfurt | Https://de1.hostedftp.com/openidconnect |
Australia | Https://au1.hostedftp.com/openidconnect |
Korea | Https://kr1.hostedftp.com/openidconnect |
Japan | Https://jp1.hostedftp.com/openidconnect |
India | Https://in1.hostedftp.com/openidconnect |
1. Logging in as the administrator, go to your Setup tab and click on the SSO page and add a new SSO.
2. Fill in the details of the SSO profile (see details below) and click on Save to activate the SSO.
Name | The label of the SSO to be recognized when enforcing on an account/group/user level |
Protocol | Select OpenID Connect |
Provider | You can select 1 of 5 supported IDPs: Auth0, Google, Azure, Okta, or Ping Federate |
Domain | The domain name used to connect to your SSO
|
Client ID | The client ID found in the provider’s SSO settings |
Client Secret | The client secret in the provider’s SSO settings |
Extra Parameters | Extra parameters to add to the SSO (contact our support team to assist in setup) |
Active | Defaulted to be on active, un-checking this option will turn off the SSO |
Name | The label of the SSO to be recognized when enforcing on an account/group/user level |
Protocol | Select SAML 2.0 |
Provider | You can select 1 of 5 supported IDPs: Auth0, Google, Azure, Okta, or Ping Federate |
Response Issuer | The SSO identifier found in your SSO portal |
IDP URL | Replace <Application ID> and <Tenant ID> with your own SSO’s credentials in the URL.
Example for AzureAD URL: https://myapps.microsoft.com/signin/<Application ID>?tenantId=<Tenant ID> i.e. https://myapps.microsoft.com/signin/APPLICATION-ID-GOES-HERE?tenantId=TENANT-ID-GOES-HERE |
Certificate | Download your SAML certificate in Base64 version and open in a word editing document such as notepad and copy and paste the entire text including —BEGIN CERTIFICATE– and –END CERTIFICATE– lines |
Extra Parameters | Extra parameters to add to the SSO (contact our support team to assist in setup) |
Active | Defaulted to be on active, un-checking this option will turn off the SSO |