Menu

Expand
Rate this page:

Thanks for rating this page!

We are always striving to improve our documentation quality, and your feedback is valuable to us. How could this documentation serve you better?

Flex SSO URL Migration Guide

We have deprecated the preview.twilio.com SSO URL and will be disabling it on April 1 2020. This guide will explain how to migrate to the iam.twilio.com SSO URL.

This guide will show you how to modify your SSO configuration on both your Identity Provider and Twilio so that you can authenticate users and enable Single Sign-On with the iam.twilio.com SSO URL. If you haven’t configured SSO for your Flex instance, please see our Configuring Single Sign-on and Identity Provider integration guide.

Single Sign-On for Flex is now Generally Available and we have updated the SSO URL from https://preview.twilio.com/iam/Accounts/<YOUR ACCOUNT SID HERE>/saml2 to https://iam.twilio.com/v1/Accounts/<YOUR ACCOUNT SID HERE>/saml2.

In order to migrate to the new SSO URL you’ll need to

  1. Update your configuration on your IDP
  2. Configure the Twilio SSO URL you are using in the Twilio Console

You must complete these steps immediately after each other. Please ensure that you have access to your IdP and your Twilio account before migrating to the new Flex SSO URL.

Updating your IDP configuration

Okta

Okta Edit SAML

In the Basic Settings for the Okta Application you need to update both:

  1. The SAML Single Sign On URL https://preview.twilio.com/iam/Accounts/ACxxxx/saml2 to https://iam.twilio.com/v1/Accounts/ACxxxx/saml2.
  2. The Audience URI from https://preview.twilio.com/iam/Accounts/ACxxxx/saml2to https://iam.twilio.com/v1/Accounts/ACxxxx/saml2/metadata. Note the addition of metadata addition at the end of the Audience URI.

Make sure to replace the Account SID (ACxxxx) with your real Account SID.

Turn on the checkbox labeled “Use this for Recipient URL & Destination URL’ and add the Audience URI with `/metadata` at the end of the `iam` URL.

Okta Settings

Okta will auto-populate the Recipient URL and Destination URL. Once you’re finished editing your settings, your configuration should look like the following:

Now you need to update the Twilio SSO URL in the Twilio Console to complete the migration

Microsoft Azure

Active Directory Settings Page

In the Basic Basic SAML Configuration update:

  1. The Identifier (Entity ID): https://preview.twilio.com/iam/Accounts/ACxxxx/saml2 to https://iam.twilio.com/v1/Accounts/ACxxxx/saml2/metadata. Note the addition of metadata addition at the end of the Identifier (Entity ID).
  2. The Reply URL from https://preview.twilio.com/iam/Accounts/ACxxxx/saml2to https://iam.twilio.com/v1/Accounts/ACxxxx/saml2.

Make sure to replace the Account SID (ACxxxx) with your real Account SID.

Now you need to update the Twilio SSO URL in the Twilio Console to complete the migration

Google

Google SSO Flex (IAM v1)

Go to your Google SAML Apps and click on your Flex SAML app. Then click into your Service Provider Details and update:

  1. The ACS URL: https://preview.twilio.com/iam/Accounts/AC/saml2 to https://iam.twilio.com/v1/Accounts/ACxxxx/saml2/
  2. The Entity ID from https://preview.twilio.com/iam/Accounts/ACxxxx/saml2 to https://iam.twilio.com/v1/Accounts/ACxxxx/saml2/metadata. Note the addition of metadata addition at the end of the Entity ID.

Make sure to replace the Account SID (ACxxxx) with your real Account SID.

Now you need to update the Twilio SSO URL in the Twilio Console to complete the migration

Salesforce

Salesforce SSO Flex (IAM v1)

In the Web App Settings update:

  1. The ACS URL: https://preview.twilio.com/iam/Accounts/ACxxxx/saml2 to https://iam.twilio.com/v1/Accounts/ACxxxx/saml2/
  2. The Entity ID from https://preview.twilio.com/iam/Accounts/ACxxxx/saml2 to https://iam.twilio.com/v1/Accounts/ACxxxx/saml2/metadata. Note the addition of metadata addition at the end of the Entity ID.

Make sure to replace the Account SID (ACxxxx) with your real Account SID.

Now you need to update the Twilio SSO URL in the Twilio Console to complete the migration

Updating your Twilio SSO URL to iam.twilio.com

Twilio SSO URL

Immediately after you’ve made the above change on the configuration on your IDP to use the iam.twilio.com URL you should update the Twilio SSO URL for your account. You can do this in the Flex Console Single Sign-on settings page by selecting the USES IAM.TWILIO.COM radio button and saving your changes.

Rate this page:

Need some help?

We all do sometimes; code is hard. Get help now from our support team, or lean on the wisdom of the crowd browsing the Twilio tag on Stack Overflow.