Configuring SAML SSO for monday.com

    These steps will guide you through setting up the single sign-on (SSO) functionality between ADSelfService Plus and monday.com.

    Prerequisite

    1. Log in to ADSelfService Plus as an administrator.
    2. Navigate to Configuration > Self-Service > Password Sync/Single Sign On > Add Application, and select monday.com from the applications displayed.

      3. Note: You can also find the monday.com application from the search bar located in the left pane or the alphabet wise navigation option in the right pane.

    3. On the monday.com configuration page, click IdP details in the top-right corner of the screen.
      4. Screenshot
    4. In the pop-up that appears, copy the Entity ID, Login URL, and download the SSO certificate by clicking on Download X.509 Certificate.
      5. Screenshot

    Monday.com (Service Provider) configuration steps

    1. Log in to monday.com with an administrator’s credentials.
    2. Navigate to Adminstration > Security > Login > Security & authentication settings.
      3. Screenshot


      Screenshot
    3. Click Open beside the Single Sign-On (SSO) option.
    4. Select the Custom SAML 2.0 option.
      5. Screenshot
    5. In the SAML SSO Url and Identity provider issuer fields, paste the Login URL and Entity ID values copied in Step 4 of Prerequisite, respectively.
    6. In the Public certificate field, paste the content of the X.509 certificate file you downloaded in Step 4 of Prerequisite.
      7. Screenshot
    7. Select Test SSO connection to ensure the SSO configuration is working.
    8. Select the required option for the Login Restrictions Policy.
    9. Click Activate.
      10. Screenshot

    ADSelfService Plus (Identity Provider) configuration steps

    1. Now, switch to the ADSelfService Plus monday.com configuration page.
    2. Enter the Application Name and Description.
    3. Enter the Domain name of your Peakon account. For example, if you use johndoe@thinktodaytech.com to log in to monday.com, then thinktodaytech.com is the domain name.
    4. In the Sub Domain field, enter the subdomain name of your monday.com account. For example, if your monday.com URL is https://xyzcorp.monday.com, then xyzcorp is the subdomain.
    5. In the Assign Policies field, select the policies for which SSO need to be enabled.

      6. Note: ADSelfService Plus allows you to create OU and group-based policies for your AD domains. To create a policy, go to Configuration > Self-Service > Policy Configuration > Add New Policy.

    6. Select the SAML tab and check Enable Single Sign-On.
    7. Enter the Company ID copied in step 4 of Peakon (Service Provider) configuration steps.
    8. In the Name ID Format field, choose the format for the user login attribute value specific to the application.

      9. Note: Use Unspecified as the default option if you are unsure about the format of the login attribute value used by the application.

    9. Click Add Application.
      10. Screenshot

    Your users should now be able to sign in to monday.com through ADSelfService Plus.

    Note: For monday.com, SSO is supported for SP and IDP initiated flow.