# SAML Configuring SAML SSO for UI Bakery involves two main steps: * Configuring integration in your identity provider; * Configuring SSO in your UI Bakery instance using environment variables. ## Configure UI Bakery integration in your identity provider The configuration process may vary depending on your chosen identity provider, but there are some common considerations to keep in mind. 1. The sign-on URL is `https://YOUR_INSTANCE/api/auth/login/saml` 2. Find or define entityId; 3. Find Metadata XML. ## UI Bakery instance configuration To enable UI Bakery to use your OpenID provider, set the following environment variables: ``` UI_BAKERY_SAML_ENABLED=true UI_BAKERY_SAML_METADATA_URL=https://integration.com/yourapp/metadata.xml UI_BAKERY_SAML_ENTITY_ID=uibakery UI_BAKERY_BRANDING_AUTH_SSO_BTN_TEXT=Login with SAML UI_BAKERY_GLOBAL_SESSION_COOKIE=true ``` ### Disabling MFA from UI Bakery UI Bakery allows you to enable MFA on the *UI Bakery level*. When enabled, it is required for: * users signing in with **email/password** * users signing in via **SSO (SAML)** But some SSO providers may also enforce their own MFA, so users will have to complete *two MFA prompts*: from the SSO provider and from UI Bakery.\ To avoid this and let users complete only their SSO MFA, you need to configure the following variable: `UI_BAKERY_SAML_DISABLE_MFA=true`. With this variable set to *true:* * **SSO users** will only complete MFA handled by the SSO provider * **Email/password users** will complete MFA handled by UI Bakery --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.uibakery.io/on-premise/sso/saml.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.