Product Update
Product Update

How to configure SAML single sign-on (SSO) in Otter.ai

Simon Lau
Simon Lau
May 11, 2020

Updated on:

How to configure SAML single sign-on (SSO) in Otter.ai
Article Breakdown

SAML-based single sign-on (SSO) gives members access to Otter through an identity provider (IDP) of your choice.

Otter supports‍‍‍‍‍

• Identity Provider (IdP) Initiated Flow

• Service Provider (SP) Initiated Flow

• Just-in-time (JIT) provisioning. An Otter account is created on-the-fly according to the SAML attributes when users log in to Otter via IdP-initiated login.

• Assertion and NameID Encryption

• Session duration configured in your IdP

Who can use this feature

• Available to Otter for Enterprise plan (100 seats minimum) only

• Only the admin can configure SSO for the team. Once configured, SSO is available for use for every team member.

If your organization uses Okta as the identity provider, please read the setup guide here. Otherwise, please continue.

Before you start ...
Please contact your Otter.ai account manager to enable SSO before you proceeding to the following setup steps.

Step 1: Configure your identity provider

Before you start: know your Team Handle

On Otter.ai Team Settings page, choose "Settings & Security" tab, locate "SAML Authentication", and click "Configure". You can find your team handle at the top of the popup dialogue.

NOTE: Replace yourhandle in the following instructions with your team’s handle

Single Sign On URL

Also known as “SSO post-back URL”, “Assertion Consumer Service URL”, “ACS URL”

https://otter.ai/saml/yourhandle

Entity ID

Also known as “Audience”

https://otter.ai/saml/metadata/yourhandle

NameID

NameID must be unique, pseudo-random, and will not change for the user over time — like an employee ID number. The NameID Format must be “persistent”

<saml2:Subject>
    <saml2:NameIDFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">
        userName
    </saml2:NameID>
</saml2:Subject>

Attributes

Otter supports the following SAML Attribute formats:

urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified
urn:oasis:names:tc:SAML:2.0:attrname-format:uri


first_name: (required) the user’s first name
<saml2:Attribute Name="first_name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">    
    <saml2:AttributeValue xsi:type="xs:string">        
        first_name_value   
    </saml2:AttributeValue>
</saml2:Attribute>

or

<saml2:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">    
    <saml2:AttributeValue xsi:type="xs:string">        
        first_name_value    
    </saml2:AttributeValue>
</saml2:Attribute>
last_name: (required) the user’s last name
<saml2:Attribute Name="last_name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">    
    <saml2:AttributeValue xsi:type="xs:string">        
        last_name_value   
    </saml2:AttributeValue>
</saml2:Attribute>

or

<saml2:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">    
    <saml2:AttributeValue xsi:type="xs:string">        
        last_name_value   
    </saml2:AttributeValue>
</saml2:Attribute>
email: (required) the user’s email address
<saml2:Attribute Name="email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">    
    <saml2:AttributeValue xsi:type="xs:string">        
        email_value    
    </saml2:AttributeValue>
</saml2:Attribute>

or

<saml2:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">    
    <saml2:AttributeValue xsi:type="xs:string">        
        email_value    
    </saml2:AttributeValue>
</saml2:Attribute>

or

<saml2:Attribute Name="urn:oid:1.2.840.113549.1.9.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">    
    <saml2:AttributeValue xsi:type="xs:string">        
        email_value    
    </saml2:AttributeValue>
</saml2:Attribute>

SAML Metadata

If your IdP asks for SAML metadata XML file during setup, it can be downloaded at

https://otter.ai/saml/metadata/yourhandle

Step 2: Set up SAML SSO for Otter

  1. Visit https://otter.ai/manage-team/team-settings
  2. In Privacy & Security tab, find SAML Authentication. Click “Configure”.
  3. Enter your SAML Endpoint URL (this came from setting up your identity provider earlier.) This is where authentication requests from Otter will be sent.
  4. Enter your Identity Provider Issuer URL (also known as the IdP Entity ID).
  5. Copy the entire x.509 Public Certificate from your identity provider.
  6. (Optional) In advanced settings, you can choose to sign AnthNRequest. You can also choose to require SAML Assertion and NameID encryption. Make sure the configuration in your IdP matches the selections in Otter.
  7. To save changes, click “Save and Test”. A test authentication will be attempted to verify your configuration.
  8. You can enable SSO for your team once the above test passes. Upon enabling, SSO is optional, and other sign-in methods are still allowed. This is recommended during testing period to ensure your team members have an uninterrupted experience.
  9. When it's ready, remember to change to require SSO for all team members, so as to prevent members from using other sign-in methods.

If you encounter problems during the setup, please contact support@otter.ai for help.

SAML-based single sign-on (SSO) gives members access to Otter through an identity provider (IDP) of your choice.

Otter supports‍‍‍‍‍

• Identity Provider (IdP) Initiated Flow

• Service Provider (SP) Initiated Flow

• Just-in-time (JIT) provisioning. An Otter account is created on-the-fly according to the SAML attributes when users log in to Otter via IdP-initiated login.

• Assertion and NameID Encryption

• Session duration configured in your IdP

Who can use this feature

• Available to Otter for Enterprise plan (100 seats minimum) only

• Only the admin can configure SSO for the team. Once configured, SSO is available for use for every team member.

If your organization uses Okta as the identity provider, please read the setup guide here. Otherwise, please continue.

Before you start ...
Please contact your Otter.ai account manager to enable SSO before you proceeding to the following setup steps.

Step 1: Configure your identity provider

Before you start: know your Team Handle

On Otter.ai Team Settings page, choose "Settings & Security" tab, locate "SAML Authentication", and click "Configure". You can find your team handle at the top of the popup dialogue.

NOTE: Replace yourhandle in the following instructions with your team’s handle

Single Sign On URL

Also known as “SSO post-back URL”, “Assertion Consumer Service URL”, “ACS URL”

https://otter.ai/saml/yourhandle

Entity ID

Also known as “Audience”

https://otter.ai/saml/metadata/yourhandle

NameID

NameID must be unique, pseudo-random, and will not change for the user over time — like an employee ID number. The NameID Format must be “persistent”

<saml2:Subject>
    <saml2:NameIDFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">
        userName
    </saml2:NameID>
</saml2:Subject>

Attributes

Otter supports the following SAML Attribute formats:

urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified
urn:oasis:names:tc:SAML:2.0:attrname-format:uri


first_name: (required) the user’s first name
<saml2:Attribute Name="first_name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">    
    <saml2:AttributeValue xsi:type="xs:string">        
        first_name_value   
    </saml2:AttributeValue>
</saml2:Attribute>

or

<saml2:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">    
    <saml2:AttributeValue xsi:type="xs:string">        
        first_name_value    
    </saml2:AttributeValue>
</saml2:Attribute>
last_name: (required) the user’s last name
<saml2:Attribute Name="last_name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">    
    <saml2:AttributeValue xsi:type="xs:string">        
        last_name_value   
    </saml2:AttributeValue>
</saml2:Attribute>

or

<saml2:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">    
    <saml2:AttributeValue xsi:type="xs:string">        
        last_name_value   
    </saml2:AttributeValue>
</saml2:Attribute>
email: (required) the user’s email address
<saml2:Attribute Name="email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">    
    <saml2:AttributeValue xsi:type="xs:string">        
        email_value    
    </saml2:AttributeValue>
</saml2:Attribute>

or

<saml2:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">    
    <saml2:AttributeValue xsi:type="xs:string">        
        email_value    
    </saml2:AttributeValue>
</saml2:Attribute>

or

<saml2:Attribute Name="urn:oid:1.2.840.113549.1.9.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">    
    <saml2:AttributeValue xsi:type="xs:string">        
        email_value    
    </saml2:AttributeValue>
</saml2:Attribute>

SAML Metadata

If your IdP asks for SAML metadata XML file during setup, it can be downloaded at

https://otter.ai/saml/metadata/yourhandle

Step 2: Set up SAML SSO for Otter

  1. Visit https://otter.ai/manage-team/team-settings
  2. In Privacy & Security tab, find SAML Authentication. Click “Configure”.
  3. Enter your SAML Endpoint URL (this came from setting up your identity provider earlier.) This is where authentication requests from Otter will be sent.
  4. Enter your Identity Provider Issuer URL (also known as the IdP Entity ID).
  5. Copy the entire x.509 Public Certificate from your identity provider.
  6. (Optional) In advanced settings, you can choose to sign AnthNRequest. You can also choose to require SAML Assertion and NameID encryption. Make sure the configuration in your IdP matches the selections in Otter.
  7. To save changes, click “Save and Test”. A test authentication will be attempted to verify your configuration.
  8. You can enable SSO for your team once the above test passes. Upon enabling, SSO is optional, and other sign-in methods are still allowed. This is recommended during testing period to ensure your team members have an uninterrupted experience.
  9. When it's ready, remember to change to require SSO for all team members, so as to prevent members from using other sign-in methods.

If you encounter problems during the setup, please contact support@otter.ai for help.

Get started with Otter today.
Start for Free
Contact Sales

You Might Be Interested In

How to unhide your Apple ID email in Otter

How to unhide your Apple ID email in Otter so that you will receive conversations shared to your real email address, and people you share to will recognize it's from you.
Josh Gould
Josh Gould
March 4, 2020

Transcribe Zoom recordings automatically

Otter can automatically sync cloud recordings from your Zoom account and transcribe them in your Otter account.
Simon Lau
Simon Lau
August 27, 2019

How to transcribe a video on a PC with Otter.ai

The easiest way to transcribe a (live) video on a PC without playing the sound on speaker mode is to use this simple tool!
Simon Lau
Simon Lau
April 26, 2020

Live transcribe Zoom with Otter.ai

At a time when most meetings, events, and classes have gone virtual, remote workers and students struggle to listen and pay attention while taking...
Simon Lau
Simon Lau
April 12, 2020

Personalize Otter.ai with Custom Vocabulary to Boost Accuracy

You can teach Otter.ai proper names, jargon, acronyms, and unique name spellings with Custom Vocabulary – a paid features in Otter Premium and...
Simon Lau
Simon Lau
November 22, 2019

A Smarter "Home"

Otter has a new Home screen to bring you timely reminders and notifications so you can quickly review and take action.
Josh Gould
Josh Gould
January 21, 2019

Login Help

Wondering why you log in and you see a free Otter Basic account without the conversations you saved? You probably logged into the wrong account or ina
Simon Lau
Simon Lau
June 4, 2020

Foreign Student Learns English with Otter

An inspirational story about a young Korean woman who is motivated to improve her English.
Simon Lau
Simon Lau
August 2, 2019

Why did my Otter price change?

Here are answers to a few common questions about price changes: How will I know if my price is changing? If your price is changing, Otter will...
Josh Gould
Josh Gould
May 12, 2020

How Otter.ai Is Helping Companies Transition to Remote Work and Distributed Teams

According to research from Global Workplace Analytics, the number of US employees working remotely increased by 44% in the last five...
Chang Chen
Chang Chen
August 13, 2020

In Otter Words - Kitty Kolding

Kitty Kolding specializes in market research, and is an expert in analyzing consumer data. Once the CEO of Inforcore...
Ross Rubin
Ross Rubin
December 10, 2020

How to transcribe Cisco Webex meetings with Otter.ai

Transcribing a Webex meeting is easy with Otter.ai: all you need to do is follow these 5 simple steps...
Simon Lau
Simon Lau
April 26, 2020

Tools for Recording & Transcribing Meetings

For decades, human transcription has been the norm. In almost every meeting and conference room, there used to be someone for note-taking...
Chang Chen
Chang Chen
September 23, 2021

Transcribe Zoom recordings automatically

Otter can automatically sync cloud recordings from your Zoom account and transcribe them in your Otter account.
Simon Lau
Simon Lau
August 27, 2019

Dale Beaumont recommends Otter at Youpreneur Summit

Dale Beaumont is a dynamic and compelling business educator, speaker, entrepreneur and author, Dale...
Josh Gould
Josh Gould
June 6, 2019

Online Meeting Etiquette Mistakes You Might Not Know You're Making

Over the past year and a half, online meetings have become the norm. Yet, alongside this shift has come a whole slew of new social rules...
Chang Chen
Chang Chen
November 11, 2021

Online Teaching Tips & Techniques for the Virtual Classroom

It’s unclear if the transition to online education will be permanent, but it seems that the future of learning is at least partially remote...
Chang Chen
Chang Chen
September 17, 2020

Otter.ai Announces Otter for Teams, Bringing AI-Powered Collaboration Assistant to Businesses

Artificial intelligence and speech experts from Google, Yahoo and Facebook launch first enterprise version of award winning Otter app
Otter
Otter
March 12, 2019
Solutions
For BusinessFor SalesFor EducationFor MediaFor Transcription
Apps & Integrations
All AppsiOSAndroidChrome ExtensionFor SlackFor Zoom
Resources
BlogCareersPressHelp & SupportMedia KitAffiliatePrivacy & Security
© 2022 Otter.aiPricingTerms of ServicePrivacy PolicyJP
Cookie Settings