How to Configure SAML 2.0 for Pigeonhole Live

Read this before you enable SAML

Enabling SAML affects all users who use this application, which means that users cannot sign in through their regular sign-in page. They will only be able to access the app through the Okta service.

Backup URL

Pigeonhole Live does not provide a backup sign-in URL where users can sign in using their regular username and password. You can call Pigeonhole Live support to turn off SAML if necessary.

This setup might only succeed with customised parameter values for your organisation. 

Please use the Okta Administrator Dashboard to add an application and view the specific values for your organisation.


Supported Features

The Okta/Pigeonhole Live SAML integration currently supports the following features:

  • SP-initiated SSO
  • IdP-initiated SSO

For more information on the listed features, visit the Okta Glossary

Configuration Steps

  1. Log in to your Pigeonhole Live account.

  2. Click the dropdown arrow, then click SSO configuration


  3. Go to your Okta Pigeonhole Live application. Under Sign On click Edit

    Graphical user interface, text, application, email

Description automatically generated

  4. Under Step 1: Set up your Identity provider. Copy Callback URL from Dashboard to ACS URL and Service Provider Entity ID to Audience URI

    Graphical user interface, application, email

Description automatically generated

  5.  Select Email for Application username format

    Graphical user interface, application

Description automatically generated
  6. Click Save
  7. Go back to the dashboard and click Add SAML configuration


  8. Enter the following information:

    • Login URL/SignOn: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • IDP Issuer/Entity ID: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • Copy the Certificate: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.                                                    

9. Click Test Configuration



10. Click Apply new Configuration


11. You are all done!


SP-initiated  Dashboard SSO

  1. Go to:
  2. Enter your email address.
  3. Click on Continue to Login


  1. You will be redirected to the Okta sign-in page, where you can enter your login details.

SP-initiated Attendee SSO

  1. Attendees can access a pigeonhole link with a passcode that requires an SSO login. It looks just like this and displays this way on the screen.


  6. They will then be asked to log in to Okta.

  7. Once successfully logged in, they can access the pigeonhole.

  8. Since only SP-initiated flow is supported, we recommend hiding the application icon for users. This can be done on the General tab of your Okta Pigeonhole Live administration page.