Email Experiences supports the SAML 2.0 authentication framework. SAML is an open standard for exchanging authentication and authorization data between an identity provider and a service provider. Most notably, it addresses web browser single sign-on (SSO) for enterprise companies.
SAML completely eliminates all passwords and instead uses standard cryptography and digital signatures to pass a secure sign-in token from an identity provider to a SaaS application, like Email Experiences.
Terminus supports both Email Experiences initiated and Identity Provider (IdP) initiated SAML integrations. For Email Experiences initiated SAML, we require certain credentials from your SAML admin for setup. For IdP initiated SAML, we will work with your team to provide the credentials to add Email Experiences as an approved application to your IdP.
SAML authentication with Email Experiences is typically configured by providing your IDP's metadata and certificate information, so that Terminus can validate SAML requests for your organization.
Email Experiences also provides the option to disable all other login methods (username & password, Google/O365 Sign-in, etc) so that only SAML logins are allowed for your Email Experiences instance.
If you would like to learn more about our SAML integration or wish to set it up for your company, please reach out to firstname.lastname@example.org.