Single Sign-On (SSO) allows team members to sign in to net2phone using their corporate credentials instead of a separate username and password. SSO is configured at the organization level by adding user identity provider (IdP) details.
Requirements and notes
To enable Single Sign-On, you must configure your organization’s identity provider in the Admin Settings portal.
You will need the following information from your identity provider:
- Login URL
- Logout URL (optional)
- Entry ID
- Public certificate
- Certificate file upload
Once configured, users will authenticate using your organization’s identity provider credentials.
Step 1: Access SSO configuration settings
SSO settings are available in the Settings portal. Administrator users can enable or modify SSO configuration:
- Log in to the net2phone desktop or browser app with Admin credentials.
- Click your profile icon in the top right corner.
- Click Admin Settings from the left navigation menu.
You will be redirected to the Settings portal. - Select the Single Sign On page from the right navigation menu.
Step 2: Add your Identity Provider
To enable SSO, provide the required identity provider information in the Single Sign-On section of the net2phone Settings portal.
Set Up Google as a Single Sign-On (SAML) Provider
This article provides general SSO information that is applicable to all SAML providers. If your organization uses Google Workspace, you can refer to Set Up Google as a Single Sign-On (SAML) Provider for detailed steps.
Configuration Fields
You will need to use the following fields to connect net2phone to your identity provider.
-
Login URL
The URL used by your identity provider to authenticate users. -
Logout URL (Optional)
The URL used to sign users out of your identity provider when they log out of net2phone. -
Entity ID
The unique identifier provided by your identity provider. -
Public Certificate
Paste or upload the public certificate issued by your identity provider.
Email Alias Authentication
The following option allows additional flexibility in how users authenticate.
Allow email aliases to be configured on users
Allows users to authenticate using alternate email addresses associated with their account.
Enable this option only if your identity provider supports email aliases.
Step 4: Set your Assertion Consumer Service (ACS) endpoint
If your identity provider requires an ACS endpoint, use the following URL:
https://auth.net2phone.com/saml/login/callback
Step 5: Save or test configuration
After entering your SSO settings, use the following actions to validate or apply your configuration.
- Submit – Saves your SSO configuration.
- Cancel changes – Discards unsaved updates.
- Test Configuration – Verifies your identity provider settings before enabling SSO.
Testing the configuration is strongly recommended before enabling SSO for all users.
Success: After SSO is enabled
Once SSO is enabled, the following behaviour applies across your organization.
- Users sign in using their corporate credentials.
- Password management is handled by the identity provider.
- SSO applies across supported net2phone apps and services.
These changes take effect immediately after SSO is enabled.
Android App Behaviour with Single Sign-On (SSO)
To support Single Sign-On (SSO) on Android devices, net2phone updated the app signing method. As a result of this change, some users may be prompted to reinstall one or more net2phone apps after upgrading.
When Does This Occur?
This behaviour is expected and only occurs once after the update. Reinstallation prompts may appear after upgrading to:
net2phone Calling app version 1.2.3 or later
net2phone Huddle app version 1.0.6 or later
What Should Users Do?
If prompted:
- Uninstall the affected app(s) from the Android device.
- Reinstall the app(s) from the Google Play Store.
- Sign in again.
After reinstalling, signing in to one net2phone app will automatically sign the user into all net2phone apps on that device.