Enhance your Pipedrive security with SSO integration

August 18, 2024

Single Sign-On (SSO) is a powerful feature that simplifies user authentication by allowing users to log in once and access multiple applications. In this guide, we'll walk you through the steps to set up SSO integration in Pipedrive using Identity, the workforce and customer identity management solution from Celusion Technologies. Whether you're an IT administrator or a tech-savvy business owner, this step-by-step tutorial will help you seamlessly integrate SSO with Pipedrive.

Why SSO with Pipedrive?

Implementing SSO in Pipedrive offers several advantages:

  • Streamlined User Experience: Users can access Pipedrive and other connected applications with a single login, reducing password fatigue.
  • Enhanced Security: Centralized authentication through Identity minimizes security risks by enforcing stronger password policies and multi-factor authentication (MFA).
  • Simplified Management: Administrators can easily manage user access and permissions from a single platform, reducing the administrative burden.
Prerequisites

Before you begin, ensure that you have the following:

  • An active Identity account with administrator privileges and SAML enabled.
  • A Pipedrive account with admin access.
  • Basic understanding of SAML (Security Assertion Markup Language), the protocol used for SSO in Pipedrive
Step 1: Access the Identity Provider Server Profile
  1. Log in to the Identity Admin Console:
    • Access the Identity Admin Console using your admin credentials.
  2. View Identity Provider Server Profile:
    • Navigate to "Idp Server Profile" under "SAML 2.0"
    • Keep the page accessible. You will need the values shown to configure Pipedrive to use Identity
Identity Provider Server Profile (Identity)

Step 2: Configure Identity as the Identity Provider
  1. Access Pipedrive SSO Settings:
    • Log in to your Pipedrive account and go to the "Company Settings" section.
    • Navigate to "Security Center" and then select "Single Sign-On (SSO)."
  2. Enter Identity Provider Details:
    • Enter the Identity Provider (IdP) details you retrieved from the Identity Admin Console in Step1:
      • Issuer This is the unique identifier for your Identity account. (https://identity.celusion.dev/app)
      • Single Sign On (SSO) Url This is the Identity SSO endpoint URL. (https://identity.celusion.dev/app/saml/login)
      • X.509 Certificate Upload the X.509 certificate from Identity to ensure secure communication between Pipedrive and Identity. Click on "Copy certificate in PEM format" and paste it to Pipedrive
SAML configuration for Pipedrive (Pipedrive)
Step 3: Configure Pipedrive as the Service Provider
  1. Log in to the Identity Admin Console:
    • Access the Identity Admin Console using your admin credentials.
  2. Create a New Service Provider:
    • Navigate to the "Service Providers" section under "SAML 2.0" and click on "New Service Provider."
  3. Enter Pipedrive Configuration Details:
    • In the Service Provider screen, enter the following details:
      • Name Friendly name when displaying the service provider. (Pipedrive)
      • Entity ID This is the unique identifier for your Pipedrive instance, found in the Pipedrive SSO settings. (https://celusion.pipedrive.com/sso/auth/samlp/metadata.xml)
      • Assertion Consumer URI This is the URL where Pipedrive will receive authentication responses. You can find this URL in your Pipedrive account under the SSO settings. (https://celusion.pipedrive.com/sso/auth/samlp)
    • Save the new Service Provider

Logout of Identity. This is required to ensure that a login prompt is shown when testing SSO from Pipedrive. If you do not logout, Pipedrive will attempt the SSO, with the current administrative user logged in to Identity.

Service Provider General Settings (Identity)

Service Provider Authentication Settings (Identity)

SAML configuration for Identity Provider (Pipedrive)

Step 4: Test your Integration and get started
  1. Test your Pipedrive SSO settings
    • Access your Pipedrive SSO settings
    • Click on Test to initiate a SSO flow.
    • Enter credentials in the Identity login screen presented. Ensure that the email address of the Identity user and the Pipedrive user match. This email address is used to associate the users between Identity and Pipedrive. If you login with a user that cannot be associated in Pipedrive, the SSO test fails.
    • After entering the credentials, you should be redirected to Pipedrive
    • Toggle the "Enable for users" switch to make your SSO integration available for all your Pipedrive users
    • You can also "Enforce SSO login" for all users
  2. Inform Your Users:
    • Notify your users about the new SSO setup. Provide them with instructions on how to log in using Identity. You click on SSO on the login page, which will initiate the login screen in Identity and on successful login, take you to the home page in Pipedrive
  3. Monitor and Troubleshoot:
    • Keep an eye on the integration for the first few days. Address any issues promptly by reviewing the logs in both Pipedrive and Identity.
Pipedrive SSO Login Page
Video Tutorial

We've also created a comprehensive video tutorial on YouTube that walks you through the entire SSO setup process in Pipedrive using Identity as the Identity Provider. Watch it here to see each step in action!

Conclusion

Setting up SSO integration between Pipedrive and Identity not only enhances security but also improves user experience and simplifies management. With these steps, you can ensure a smooth and secure authentication process for your team. If you encounter any challenges, both Pipedrive and Identity offer robust support resources to assist you.

Convert Every Banking Lead with Seamless Onboarding
Oct 28, 2024

Streamline financial service's lead management with seamless onboarding, personalized journeys, and automation to maximize conversions.

Transforming Corporate Lending in India
Oct 22, 2024

Origin LOS streamlines corporate lending for banks, enhancing efficiency, risk management, and compliance to meet growing credit demand.

Why API Gateway is a Strategic Differentiator for Banks?
Oct 22, 2024

An API Gateway helps banks modernize efficiently, enhance operations, and deliver consistent customer experiences across channels without costly system overhauls.