Please note you will need a corporate policy as well as domain control enabled in order to set this up.

  1. Go to https://cloud.centrify.com/manage


2. Click apps, click Add Web Apps


3. Click the Custom tab, scroll down, click SAML

4. Close dialog. You should then land on app settings. If not, click 'apps' and click 'newly added app' from the list.

5. Enter Assertion Consumer Service URL https://www.expensify.com/authentication/saml/loginCallback?domain=<yourcompanysdomain.com> (making sure you change the bolded text to your domain). Uncheck 'Encrypt Assertion', then click Save.

6. Scroll down and download metadata (save file for later) 

7. Click Description tab and set application name to 'Expensify - SAML', add description, upload image, and set a category. Click Save.

8. Click User Access tab , check 'Everybody' and leave Automatic Install as-is. Click Save.

9 . Open the metadata file you saved, search for <KeyDescriptor> and add the use="signing" attribute so it looks like so: <KeyDescriptor use="signing">

10. Copy the contents of the file into your SAML settings in Domain Control in Expensify.

All set! 

Did this answer your question?