Skip to Content

Testing Your SSO Setup

How to test your SAML configuration after setting it up.

Before You Test

Make sure you have:

  • Completed the Setup Guide
  • Filled in all fields in the Identity Provider tab
  • Toggled Enable SAML to ON
  • Clicked Save
  • At least one test user in your identity provider assigned to the Rune application

Important: You Must Enable SAML to Test

SSO will only work when Enable SAML is toggled ON. You cannot test with it disabled.

Testing Steps

Step 1: Verify SAML is Enabled

  1. Go to SettingsAuthenticationSAML
  2. Go to the Identity Provider tab
  3. Check that Enable SAML toggle is ON
  4. Make sure you clicked Save

Step 2: Open a Private Browser Window

Open a new private or incognito browser window. This ensures a fresh session without cached credentials.

Step 3: Go to Login Page

Navigate to your Rune login page.

You should see:

  • Email and Password fields
  • Sign in with SSO button

Step 4: Click Sign in with SSO

Click the Sign in with SSO button.

What should happen:

  • You’re redirected to your company’s identity provider login page

If nothing happens:

  • SAML is not enabled - go back to Step 1
  • Check browser console for errors

Step 5: Sign In with Your Identity Provider

On your identity provider’s login page:

  1. Enter your test account credentials
  2. Sign in

What should happen:

  • Your identity provider validates your credentials
  • You’re redirected back to Rune
  • You’re automatically signed in to Rune

Step 6: Verify You’re Signed In

After redirect, you should:

  • See your Rune dashboard
  • Be able to access workflows
  • See your name in the top right

Step 7: Check User Was Created

  1. Go to SettingsUsers
  2. Find your test user
  3. Verify:
    • Email matches your identity provider
    • Name is correct
    • Account exists (created automatically if Just-in-Time is enabled)

What Success Looks Like

A working SSO setup:

  1. “Sign in with SSO” redirects to your identity provider
  2. Signing in there redirects back to Rune
  3. You’re logged in without entering a password in Rune
  4. Your user account exists with correct information

Common Problems

”No active SAML configuration found”

What it means: SAML is not enabled

Solution:

  1. Go to SettingsAuthenticationSAML
  2. Go to Identity Provider tab
  3. Toggle Enable SAML to ON
  4. Click Save
  5. Try again

Redirects to Identity Provider but Shows Error

Problem: Identity provider shows “Invalid request” or error page

Solutions:

  • Check that Rune’s Entity ID is correct in your identity provider
  • Verify the ACS URL matches exactly in your identity provider
  • Make sure the SAML application is active
  • Verify the test user is assigned to the Rune application

Redirects Back but Not Signed In

Problem: Returns to Rune but shows login page again

Solutions:

  • Check that the certificate in Rune is correct and includes BEGIN/END lines
  • Verify the certificate hasn’t expired
  • Make sure your identity provider is sending the email attribute
  • Check that the IdP SSO URL is correct

User Account Not Created

Problem: Login works but user doesn’t appear in Rune

Solutions:

  • Make sure Just-in-Time Provisioning is enabled
  • Verify your identity provider sends the email attribute
  • Check that the user is assigned to the Rune application in your identity provider
  • Look at Rune server logs for errors

Wrong Information in User Account

Problem: User created but email or name is wrong

Solutions:

  • Check user attribute mapping in your identity provider
  • Make sure the email attribute is mapped correctly
  • Verify your identity provider sends the correct data

Testing with Different Users

Test with multiple user types before going live:

Test as Admin

  1. Sign in via SSO with an admin account
  2. Verify you have admin access in Rune

Test as Regular User

  1. Sign in via SSO with a regular user account
  2. Verify they can access Rune

Test First-Time User

  1. Create a new user in your identity provider
  2. Assign them to the Rune application
  3. Have them try SSO login
  4. Verify their account is created automatically in Rune

After Testing

If Tests Pass

Your SSO is ready. Announce to your team:

  • SSO is now available
  • They should use “Sign in with SSO” button
  • They sign in with their company credentials

If Tests Fail

  1. Review each step in Identity Provider Setup
  2. Double-check these values:
    • IdP Entity ID
    • IdP SSO URL
    • IdP Certificate (must include BEGIN/END lines)
  3. Verify your identity provider configuration:
    • Entity ID (Rune’s value)
    • ACS URL (Rune’s value)
    • User attribute for email
  4. Check that users are assigned to the Rune application
  5. Try testing again

Keep Password Access

Always maintain at least one admin account that can sign in with email and password. This is your backup if SSO has issues.

Test that you can still sign in with password:

  1. Open a new private window
  2. Enter email and password (not SSO)
  3. Verify you can sign in

Related: Setup Guide | Identity Provider Setup

Installation