Introducing SAML and Single Sign-On

Security Assertion Markup Language (SAML) is a security standard for logging into applications. Single Sign-On (SSO) allows users to log in to many applications or websites via one set of login details. This is commonly used in big companies. 

Only Team Owners and Admins are allowed to configure SAML/SSO logins for your workspace. 

SAML and Single Sign-On (SSO) is only available on the Enterprise subscription to enable easier logins for your workspace members.

How SAML SSO works in Piktochart


The Workspace Owner sets up SAML SSO.


Piktochart creates a SAML request and sends this to the identity provider (IdP).


The IdP checks your credentials to confirm they are correct.


The IdP sends a response to Piktochart to verify your identity.


Piktochart accepts the response and logs you into our system.

Initial setup of SAML Single Sign-On

You might need help from your IT team/department for this technical setup.
Select Settings & Members from the drop-down menu on the top right corner of the page
Go to the Workspace Settings
Select SecurityBegin Configuration

Step 1: Enter your company domain (e.g.

  • Anyone with a similar subdomain email that doesn’t match e.g. is not considered the same company domain.
  • We do not accept generic domain emails e.g.

Step 2: Key in the respective fields in your IdP (If you have any issues, contact [email protected]):

And map the following attribute statements in your IdP:

  • "email" (user's email)
  • "name" (user's name)

Step 3: Then, upload your SSO Provider XML file or fill up manually the SSO URL and SSO Certificate.

Step 4: Create a TXT record of the DNS token using your domain host. You can insert an email address to receive a notification when domain verification is completed.

All set! SAML SSO is going through the verification process and it may take up to 72 hours, depending on your domain host. 

Configuration of SAML Single Sign-On

Piktochart allows to easily edit the existing SAML SSO configuration using the Security section in the Workspace settings. This section enables customers to:

  • upload a new SSO provider metadata XML file
  • specify a new IdP target authentication URL
  • insert a new IdP certificate
  • enable/disable SAML authentication
  • toggle enforcement of SAML login to all team members
The security section of the settings is only available to the workspace (team) owner.
Follow these steps to update existing SAML SSO configuration:
Select Settings & Members from the drop-down menu on the top right corner of the page
Go to the Workspace Settings
Select Security
Current SAML Single Sign-On settings are displayed on the screen:

To change the settings, simply toggle the buttons or Click the Edit configuration button to proceed with the additional configuration:

Common Questions

How do I deactivate users?

You need to access your IdP to deactivate users. Deactivating a user in your IdP removes the user’s access to log in via SAML SSO. However, the user can still log in using the email/password method. 

Why am I receiving an error message when trying to log in using SAML SSO?

There are a few possibilities:

  • Using Gmail: If you are currently using Gmail for your login, you’ll need to change your email address to match your company domain email that is verified for SAML SSO. 
  • Domain email doesn’t match: Your domain email is not the same as the company domain e.g. instead of
  • In-progress configuration: If another team owner from the same company configures for the same company domain, you’ll experience an error when trying to set up SAML SSO. This can happen during the verification process and you’ll see this error message "This domain has already been set up for SAML".

I am a new user in Piktochart. My company has set up SAML. How can I login via SAML?

If you have not created an account in Piktochart, you will need to first create an account. Once this account has been confirmed, you will be able to use SAML SSO for subsequent logins.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.