# Setup Single Sign-On (SSO)

## How to set up the Sing Sign-On(SSO) in DecisionRules On-Premise

You can use SSO login in DecisionRules. This functionality is set using the `SAML_ENTRY_POINT` and `SAML_ISSUER` env. variables found in the docker-compose configuration file or added to the container before it is started using the command line.

{% hint style="info" %}
From version 1.7.0 needs to be set up SAML\_CALLBACK\_URL.
{% endhint %}

| Variable            | Mandatory          | Description                    |
| ------------------- | ------------------ | ------------------------------ |
| SAML\_ENTRY\_POINT  | Yes                | identity provider entry point  |
| SAML\_ISSUER        | Yes                | issuer string to supply to IdP |
| SAML\_CERT          | Yes                | certificate as a string        |
| SAML\_CALLBACK\_URL | From version 1.7.0 | Reply URL / Single sign-on URL |

**SAML\_ENTRY\_POINT**&#x20;

Is typically a link provided by your IdP for the login page that you gonna use when logging in with SSO.

**`Example:`**`https://devX.okta.com/app/name/HASH/sso/saml`

**SAML\_ISSUER**&#x20;

Could be linked with hash or just name to identify your SSO.

**`Example:`**`okta.com/HASH_STRING`

**SAML\_CERT**

Public certificate of the provider. In a BASE 64 format as a single line without BEGIN CERTIFICATE and END CERTIFICAT&#x45;**.**

**`Example:`**`MIIC8DCCAdigAwIBAgIQap4GhMRA26tJGFD3fdTuNjANBgkqhkiG9w0BAQsFADA0MTIwMAYDVQQDEylNaWNyb3NvZnQgQXp1cmUgRmVkZXJhdGVkIFNTTyBD.......`

**SAML\_CALLBACK\_URL**

It is the URL that which provider call with the callback. Need to be set up on the provider.

**`Example:`**`https://api.decisionrules.io/saml/callback`


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.decisionrules.io/doc/v1/on-premise-docker/setting-up-sso.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.