Applies to

Smartsheet
  • Enterprise

SAML FAQs

Answers to frequently asked questions when setting up, maintaining, or logging in to Smartsheet with a SAML-based Single Sign-On (SSO) service.

Who can use this?

Plans:

  • Enterprise

Why am I not able to sign in to Smartsheet with the Your Company Account button? 

This can be caused by the following:

  • Your browser may be storing outdated login data. Clear the cache and cookies in your browser before attempting to sign in again.
  • It's possible that your profile in the Identity Provider (IdP) being used to authenticate your information hasn't been added yet or needs to be updated. Partner with the IdP admin or your IT department within your organization to ensure that your profile information is present in the IdP.
  • You may not have been added to the account that your domain is associated with. Contact your System Admin to have them add you to the account.
  • Confirm you removed the following Azure Attribute claim: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/Name 

If the issue persists, take a screen capture of the error message you’re seeing and provide it to our Support team for further troubleshooting.

What should I do when I receive a notice that my certificates are about to expire?

You can update the certificate information in Smartsheet using the steps in the Replace an expired IdP certificate for SAML help article. Your Identity Provider (IdP) must generate the new certificate before you begin making changes in Smartsheet.

Why is my browser saying that my network isn’t secure when I try to sign in to Smartsheet with the Your Company Account button?

SAML login requires a secure network. If you receive a message like this, check the following:

  • Make sure your device is connected to your company’s internal network before attempting to sign in.
  • If you use a VPN to connect to your company’s network, make sure the VPN is online and connected. 

If the issue persists, take a screen capture of the error message you’re seeing and provide it to our Support team for further troubleshooting. 

Why has the option to update IdP metadata in Smartsheet been made unavailable to me?

If you're using the same EntityID as another Smartsheet account, you won't be able to edit the metadata. Have the System Admin of the other Smartsheet account follow the steps in the Replace an expired IdP certificate for SAML help article to update the metadata for everyone using it. 

If you’re not sure who the System Admin for the other Smartsheet account is, reach out to the Support team so we can assist with finding this information for you. 

Why did I receive an error during the metadata validation step while setting up SAML?

The error received in this step will call out the specific problem with the metadata. Here are a few examples of errors you might receive: 

  • DNS validation failed. Make sure the DNS entry has propagated and try again. 
  • Domain is already associated with IdP.
  • Missing SAML metadata.

You'll need to partner with the IdP admin to adjust the metadata claims and repeat the steps to set up SAML. Find examples of accepted claims in Smartsheet.

How do I add a domain to my IdP in Smartsheet?

If you have more than one active IdP, you can add domains to an IdP to ensure that everyone from that domain will authenticate against that IdP. Anyone who doesn't match an added domain will authenticate against the default IdP. 

  1. Select Edit next to Domains (advanced) in the Edit IdP form.
  2. Type the new domain (for example, "contoso.com") and select Add domain.