ShipHero offers Security Assertion Markup Language (SAML) 2.0, allowing a single Identity Provider (IdP) to use those credentials across connected networks. The SAML protocol makes secure Single Sign-On (SSO) possible when working across different ShipHero programs.
We do not support an IDP-initiated flow. This type of flow could compromise our security because it is highly susceptible to a "Man-in-the-Middle" attack and the interception of the SAML assertion.
If you are interested in configuring SAML SSO for your ShipHero account please reach out to your CSM or our customer support team. They will partner with our technical engineers and provide you with the self-service sign up form.
Using the Self-Service Form
The self-service form should be given to your IT admin to configure accordingly.
IMPORTANT NOTE FOR 3PL CLIENTS: This process needs to be done separately for the ShipHero family of apps (App Dot, Shipping, Packing app, etc) and the 3PL Portal app (ShipsForUs). If you use both sets of apps, you wil be provided two separate self-service links and need to complete the process twice.
Step 1: Select Your Identity Provider
Select the Identity Provider (IdP) from the list of self-service supported providers. In addition those listed below, any provider that implements Generic OIDC or Generic SAML can be used.
Supported Providers | |
|
|
|
|
|
|
Step 2: Create Application
Create a ShipHero application on your Identifty Provider (IdP). The example pictured below for Okta, but works similarly in all IdPs.
Step 3: Configure Connection
Step 4: Claims Mapping
Step 5: Assign Access
Assign users to the ShipHero Application in your IdP, then hit Next.
Step 6: Test SSO
Test your connection confirm everthing has been setup properly before enabling your SSO. Once your test is complete, hit Next to complete the setup.
Congratulations! Your SSO connection is enabled and you can now use it to log in!