Skip to main content


Roxit SAML application setup

This article demonstrates how to set up single sign-on for Roxit. The configuration takes place in HelloID and requires you to send information to Roxit.

  • HelloID environment

  • Roxit environment

Create or import a certificate

If there is no certificate yet, you must create or import one. For this tutorial, we will create a self-signed certificate. Name it RoxitSelfSigned.

Application setup
Add the Roxit application
  1. Add a new application.

  2. Find the template for Roxit (SAML).

  3. Select its Add button.

General tab

Change the following settings:

  • Default Login URLRoxit PreProduction ADFS URL:

    Roxit Production ADFS URL:


Select the Next button.

Single Sign-On tab

Change the following settings:

  1. SP-initiated URL

    Roxit PreProduction ADFS authentication URL:

    Roxit Production ADFS authentication URL:

  2. X509 CertificateSelect the certificate that you previously imported or created.


Select the Next button.

Self Service tab

Optionally, generate a Self Service product, which makes the application requestable. Select a group which will have access to the product.

Select the Next button.

Finish tab

On the Finish tab, click Save to add the application to HelloID.

Additional configuration

By default, the user's HelloID {{user.username}} attribute is sent as the SAML attribute claim This configuration requires the emailaddress in Roxit to match the username in HelloID (by default, this is the userPrincipalName when syncing AD users to HelloID).

If you want to use a different attribute, see Mapping - Overview.

Supplier-side configuration

The HelloID side of the configuration is now finished. To connect, Roxit must add the connection on their side. Contact Roxit to request this. Send them the following information:

  • Metadata URL

Metadata URL
  1. Go to the Applications overview.

  2. Select the Edit link for the newly-added Roxit application.

  3. Right-click the Download metadata button

  4. Select Copy link address. It will resemble:

Finish up

After Roxit adds the connection, the application is ready for use. Go to the HelloID User Dashboard and launch the application. You should be authenticated into the Roxit application without being prompted for credentials.

You are now free to test the application and assign it to users within your organization. Be sure to assign the application shortcut you created, rather than the original application. See Applications - Overview and its related articles for more information.