Login Options
Last updated
Was this helpful?
Last updated
Was this helpful?
Dropzone provides multiple login options to meet your security policy needs.
Username/Password
Yes, via TOTP, e.g. Google Authenticator
Invite and manage users via the Dropzone UI
Sign in with Google
Enforced at Google per your policies
Invite and manage users via the Dropzone UI
Sign in with Microsoft
Enforce at Microsoft per your polcies
Invite and manage users via the Dropzone UI
Custom SAML provider
Enforce at your SAML provider per your polcies
Manage users and roles via your Identity Provider (IDP)
Each of the options above may be enabled or disabled independently. For example you could decide to support only Google logins and not username/password.
Note that the "Sign in with Microsoft" option works with Microsoft 365 / Entra ID organizations. If you use on-prem Active Directory then you will need to use a custom SAML provider.
Dropzone AI supports most SAML Identity Providers (IDPs). When using SAML your Identity Provider enforces both "authn" and "authz". An individual clicks a SAML login button, is authenticated against your IDP, and then your IDP sends them back to Dropzone along with cryptographically-signed information indicating who they are and what role they should have.
When using SAML, we suggest not simulataneously allowing logins via username/password or the Google/Microsoft federation buttons to assure user management and role management is consistent.
Your SAML provider must provide the following attributes:
first_name
First Name
any string
Wendell
last_name
Last Name
any string
Bagg
dropzone_role
Dropzone Role for access control
admin, member, or restricted-read-only
admin
Your IDP must send the user's email address as the "Name ID" field, in EMAIL format.
All SAML connections require that the IDP (your SAML provider) and the SP (the Dropzone environment) exchange some values to establish security.
Dropzone
ACS Url
https://login.dropzone.ai/samlv2/acs
Dropzone
Entity ID
https://login.dropzone.ai/samlv2/sp/11111111-1111-1111-1111-111111111111
Customer IDP
SSO URL
https://accounts.google.com/o/saml2/idp?idpid=C04ultrav
SAML Endpoint, Login URL
Customer IDP
Certificate in PEM form
-----BEGIN CERTIFICATE----- MIIDdDCCAlygAwIBAgIGAYYlaUolMA0G...
IDP Certificate, X.509 Certificate, Signing Certificate
These can be exchanged via your support representative.
If you have any questions about which login options are right for you, engage your Dropzone AI support representative.
