Configuring SAML SSO for CakeHR

These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and CakeHR.


  1. Login to ADSelfService Plus as an administrator.

  2. Navigate to Configuration → Self-service → Password Sync/Single Sign-on.

  3. Search for CakeHR and select it.

  4. Click Download SSO Certificate link in the top-right corner of the screen.

  5. In the pop-up that appears, copy the Login URL and SHA1 Fingerprint Download Certificate.

CakeHR (Service Provider) configuration steps

  1. Login to CakeHR account with administrator’s credentials.

  2. Navigate to Profile → Settings → Integration -> SAML SSO

  3. Enter the Entity ID (

  4. Paste the Login URL, copied in Step 5 of Prerequisite, in Authentication field.

  5. Paste the fingerprint, copied in Step 5 of Prerequisite, in the Fingerprint field.

  6. Click Save..

ADSelfService Plus (Identity Provider) configuration steps

  1. Now, switch to ADSelfService Plus’ CakeHR configuration page.

  2. In the Domain Name field, enter the Domain name of your email address. For example, if you use to log in to CakeHR, then is the domain name.

  3. Enter the SP Identifier name of your CakeHR portal, in the SP Identifier field. For Eg. https://<sp_identifier>

  4. Provide a Description in the respective field.

  5. In the Available Policies field, click on the drop-down box and select the policies for which you wish to enable single sign-on.

  6. Click Save.

For CakeHR, single sign-on is supported for IDP initiated flow

Go to Top
Copyright © 2020, ZOHO Corp. All Rights Reserved.