We're excited to announce that 21RISK now supports SAML 2.0 as a Single Sign-On protocol — in addition to our existing OpenID Connect (OIDC) support.
Why SAML?
Many organizations already use SAML for federation across their application landscape. Until now, 21RISK only supported OIDC, which meant some IT teams had to set up a separate OIDC integration. With SAML support, you can connect 21RISK the same way you connect your other enterprise applications.
How it works
Setting up SAML is straightforward. In Settings → Advanced , you'll find a new option to create a SAML connection. The configuration page guides you through the setup:
- Copy the ACS URL and Entity ID from 21RISK into your Identity Provider
- Paste the Microsoft Entra Identifier , Login URL , and X.509 certificate from your IdP back into 21RISK
- Mark the connection as primary — and you're done
The labels on the 21RISK configuration page match what you see in Microsoft Entra, making it easy to map the values correctly.
Key benefits
- More flexibility — Choose between OIDC and SAML based on your organization's existing infrastructure
- Enterprise-ready — SAML 2.0 is widely supported across all major Identity Providers including Microsoft Entra, Okta, and OneLogin
- Secure by design — Signed assertions, RelayState validation, and email matching protect against forgery and identity substitution
- Full audit trail — Every SSO flow is logged end-to-end, visible in your connection's event log
You can read more in our step-by-step guide here.