Configure SAML 2.0 for Vercel
This guide provides instructions on configuring SAML 2.0 Single Sign-On (SSO) for the Vercel app.
Contents
Supported features
Vercel supports the following features:
- SP-initiated SSO
- IdP-initiated SSO
Prerequisites
- Ensure that you have an Okta admin role with permission to manage apps.
- Ensure that you're an Owner of the Vercel team.
Integrate the app in Okta
- In the Admin Console, go to Applications > Applications.
- Click Browse App Catalog.
- Search for and select the Vercel app.
- Click Add Integration.
- On the General Settings tab, enter an Application label and click Done.
- On the Sign On tab, in the SAML section, copy the Metadata URL and store it for later use.
Configure SAML in Vercel
- Sign in to Vercel.
- In the left navigation, click Settings > Security and Privacy.
- Scroll down to the SAML Single Sign-On section and click Configure.
- In the configuration wizard, go to the step that shows the ACS URL and Audience URI. Copy these values and store them for later use.
- In the IDP Metadata URL field, paste the Metadata URL you copied from Okta.
- Copy the Application username format value (
user.getInternalProperty("id")) shown in the wizard and store it for later use.
- Complete the SSO test to verify that the connection is successful.
- In the SAML Single Sign-On section, select the option to require team members to sign in with SAML.
Configure the SP metadata in Okta
- In the Admin Console, go to Applications > Applications.
- Select the Vercel app.
- On the Sign On tab, click Edit.
- In Advanced Sign-on Settings, paste the ACS URL value you copied from Vercel into the ACS URL field.
- Paste the Audience URI value you copied from Vercel into the Audience URI field.
- For Application username format, select Custom and enter
user.getInternalProperty("id").
- Click Save.
Verify SP-initiated SSO
Go to https://vercel.com/login. Enter your org slug and click Continue with SAML SSO. You're redirected to the sign-in page for your org.
Supported SAML attributes
Vercel supports these SAML attributes:
| Name |
Value |
| email |
user.email |
| firstName |
user.firstName |
| lastName |
user.lastName |