---
title: "Manage Identity Provider (IdP) on E2E Cloud"
sidebar_label: "Manage Identity Provider (IdP)"
---

# Manage IdP on E2E Cloud

E2E Cloud supports **Single Sign-On (SSO)** using the **SAML 2.0 (Security Assertion Markup Language)** protocol — a standard method for securely exchanging authentication and authorization information between a **Service Provider (SP)** and an **External Identity Provider (IdP)**.

In this setup, **E2E Cloud acts as the Service Provider (SP)**, while an organization’s **External Identity Provider (IdP)** — currently **Microsoft Entra ID (formerly Azure Active Directory)** — manages user authentication.  
This allows users to sign in to E2E Cloud using their organization’s credentials for improved security and centralized identity management.

> **Note:** E2E Cloud currently supports SSO **only via Microsoft Entra ID**.  
> Support for additional external IdPs (such as **Okta**, **Google Workspace**, and **Ping Identity**) will be added in future releases.

---

## Prerequisites

Before enabling SSO for your organization, ensure that:

- Your organization admin is registered in **E2E Cloud**.  
- You have **admin access** to your organization’s Identity Provider (currently supports **Microsoft Entra ID**).  
- Each invited user has a **registered mobile number** in Microsoft Entra ID.  
- The **Phone Number claim** is enabled in the IdP’s SAML application configuration.  

  > **For Microsoft Entra ID:**  
  > See [Configure user claims for SAML applications in Microsoft Entra ID](/docs/myaccount/GettingStarted/entra_setup/#add-the-phone-number-claim)

---

## Limitations

**1. Phone Number Requirement**

For Single Sign-On (SSO) to work correctly, the user must have a **valid phone number** associated with their profile in the Identity Provider (IdP).

If a phone number is **not** present in the IdP user profile, the user will **not** be able to sign in to the MyAccount portal using SSO.

---

**2. Migrating Existing MyAccount Invitations to SSO**

Users who were previously invited using **MyAccount (E2E Networks) authentication** cannot automatically transition to SSO.

To enable SSO access for such users, an administrator must:

- Remove the existing **MyAccount-based invitation**, and  
- Re-invite the user, selecting the appropriate **Identity Provider (IdP)** for SSO.

---

**3. Administrator Login Limitation**

Currently, **organization administrators cannot sign in using SSO**.

Administrators should continue using **MyAccount (E2E Networks) authentication** until SSO support for admin accounts is introduced.  

---

## Configuring Your External Identity Provider (IdP) for SSO in E2E Cloud

To integrate **Microsoft Entra ID** with E2E Cloud:

1. Log in to your **E2E Cloud** account.  
2. Navigate to **IAM → Identity Providers**.  
3. Click **Add Identity Provider** → select **External Identity Provider** → click **Continue**.  
4. Download the **Service Provider (SP) metadata file** from E2E Cloud.  
5. Configure your **External Identity Provider (IdP)** to establish trust with **E2E Cloud** using the **SAML 2.0 metadata** exchanged during setup.


> **For Microsoft Entra ID:** 
> See [Set up SAML-based Single Sign-On with Microsoft Entra ID on E2E Cloud](/docs/myaccount/GettingStarted/entra_setup/)

6. After completing the configuration in your **External Identity Provider (IdP)**, download the **Federation metadata file (XML)** from the IdP’s portal, and then **upload it to E2E Cloud** to create the IdP connection.

---

## Invite Users for SSO Access

Once the IdP configuration is complete:

1. Assign users or groups to your **External Identity Provider (IdP) application** to grant them access to **E2E Cloud** through **Single Sign-On (SSO)**.  

> **For Microsoft Entra ID:**   
> See [Configure groups in Microsoft Entra ID](/docs/myaccount/GettingStarted/entra_setup/#assign-users-or-groups-in-microsoft-entra-id).

2. In **E2E Cloud IAM**, navigate to **Users → Add User**, and invite the same users by email. During the invitation process, **select the Identity Provider (IdP)** you configured in E2E Cloud to enable SSO access for the invited users.
 
3. Assign roles such as **Admin**, **Billing**, **Project Manager**, or **Member**.  

<br> </br>

:::warning  
Only users who are invited in E2E Cloud **and** assigned to the configured **External Identity Provider (IdP)** application can access E2E Cloud via SSO.  
:::

---

## Signing In with SSO

1. Go to the [E2E Cloud Login Page](https://myaccount.e2enetworks.com).  
2. Click **Sign in with SSO**.  
3. Enter your **Organization ID** (received in the invitation email), then click **Continue**.  
4. You’ll be redirected to your configured **External Identity Provider** for authentication.  
5. Upon successful verification, you’ll be signed in automatically to **E2E Cloud**.

---

## Managing Identity Providers

### View Your Organization ID

Each organization in **E2E Cloud** is assigned a unique **Organization ID**, which links your company’s **users**, **domains**, and **SSO configuration**.

#### For Administrators

Administrators can view the **Organization ID** directly within **E2E Cloud MyAccount**:

1. Sign in to **MyAccount** as an Administrator.  
2. Navigate to **Settings → Organization → Identity & Access Management (IAM)**.  
3. Under the **Organization Details** section, locate your **Organization ID**.

<br> </br>

:::tip  
This Organization ID is required during login to uniquely associate your **Identity Provider (IdP)** with its corresponding organization and users in **E2E Cloud**.  
:::

---

#### For Non-Admin Users

Non-admin users **cannot view** the Organization ID directly.  
To identify or confirm their Organization ID, they can:

- **Contact their Organization Administrator** for assistance, or  
- **Check the original invitation email** used to join the organization — it corresponds to the organization linked to their SSO setup.

---

<br> </br>

:::note  
Keep your **Organization ID** secure and **do not share it publicly**.  
It uniquely associates your organization with its **SSO** and **identity configurations** within **E2E Cloud**.  
:::

### Rename an IdP
1. Go to **IAM → Identity Providers**.  
2. Click the IdP name → **Edit** → update the name → **Save** ✔️.

### Delete an IdP
1. Go to **IAM → Identity Providers**.  
2. Click the **Action menu** next to the IdP → **Delete**.  
3. Confirm deletion after ensuring there are no linked users.

<br> </br>

:::warning  
Before deleting, ensure there are **no active or invited users** associated with the IdP.  
:::

---

## Summary

Integrating a trusted **External Identity Provider (IdP)** with **E2E Cloud** through **Single Sign-On (SSO)** offers a unified, secure, and scalable way to manage user authentication across your organization.  
By leveraging **SAML 2.0**, E2E Cloud ensures that user identities are verified directly through your organization’s IdP, eliminating the need for multiple credentials while maintaining enterprise-grade **security**, **compliance**, and **centralized control**.

This integration helps streamline access management, reduce administrative overhead, and enhance user experience through seamless, secure sign-ins across all E2E Cloud services.


---