Skip to main content

PackNet Online Documentation

Single Sign-On

PackNet supports Single Sign-On (SSO) integration using two industry-standard protocols:

  • Security Assertion Markup Language (SAML) 2.0

  • OIDC (OpenID Connect), built on the OAuth 2.0 framework

These protocols allow customers to manage authentication through their own Identity Provider (IdP), letting users to access PackNet with their corporate credentials instead of PackNet-managed usernames and passwords.

Supported Protocols

SAML 2.0
  • Commonly chosen by enterprise customers.

  • Supports role provisioning, meaning the customer’s IdP can send role or group information to PackNet to determine user permissions.

    Note

    Roles will still need to be defined in PackNet.

  • Recommended for organizations with established identity infrastructure (e.g., Active Directory, Okta, Ping Identity).

OpenID Connect
  • Supports standard authentication via OAuth 2.0.

  • Does not currently support role provisioning; roles must be managed directly within PackNet.

  • Requires customer-provided OIDC configuration details, including:

    • client_id and client_secret

    • A well-known URI for the IdP (must be accessible from the Packsize cloud)

    • Redirect URIs specified by Packsize (e.g., https://fd-saas-prod.azurefd.net/PackNet/login)

Identity Provider Requirements

Customers must manage and host their own Identity Provider (IdP). PackNet is compatible with any IdP that conforms to standard SAML 2.0 or OIDC protocols.

Examples include:

  • Managed services: Okta, Azure Active Directory, Ping Identity

  • Self-hosted or custom IdPs

    Note

    May require additional validation and testing.

If a customer’s IdP is hosted within a private network (not publicly accessible), the OIDC flow may still function through the user’s browser, but certain edge cases may arise. Packsize recommends using an IdP that is accessible from the internet to ensure full compatibility.

Configuration and Domain-Level Enablement

  • SSO is configured at the domain level (e.g., all users with @companyx.com emails use SSO).

  • User-level SSO configuration is not currently supported.

  • SSO setup is not self-service at this time. Packsize will assist in configuring and validating the integration.

  • Updates or changes to the SSO configuration will require coordination with Packsize’s technical team.

Summary of Requirements

Requirements

Description

Protocols Supported

SAML 2.0, OpenID Connect (OAuth 2.0)

Role Provisioning

Supported via SAML only

Customer-Hosted IdP

Required

Network Accessibility

Publicly accessible IdP recommended

Configuration Scope

Domain-level

Access Experience

Once Single Sign-On is configured:

  • Users sign in to PackNet using their corporate credentials — no separate PackNet password required.

  • Authentication happens through the organization’s IdP, providing a consistent and secure login experience.

  • Access permissions within PackNet are determined by roles defined in PackNet. With SAML, the matching roles will need to be passed in the SAML request.

  • All users under the configured email domain will automatically be directed to the SSO login page when logging into PackNet.

SSO Implementation

SAML Implementation Summary

Packsize will need to know the SAML Sign-In URL and Certificate.

The customer will be provided with the following information from Packsize:

  • Auth0 Connection Identifier

  • Customer ID

  • Roles

  • Packsize Auth Certificate

OIDC Implementation Summary

Packsize will need the following information:

  • IdP client id

  • IdP client secret

  • IdP well-known URL

The customer will be provided with the following information from Packsize:

  • Application type

  • Redirect URIs

  • Required permissions

  • Grant/flow

  • Token endpoint client auth

  • Single logout and RP-Initiated logout: not supported