Configuring Coupa for SAML SSO

About this task

For assistance in configuring Coupa for SAML single sign-on (SSO), Coupa recommends you send your prepared idp-metadata.xml to their support team or your Coupa Implementation Adminstrator along with:

Login page URL
Logout page URL
Timeout URL
A test user that exists in your identiy provider (IdP)

Steps

Sign on to your Coupa account as an administrative user.
Click the Setup tab.
In the Company Setup section, click Security controls.

Import the idp-metadata.xml that you prepared above into the Upload IdP metadata field.

During development and testing of the Coupa connector, we were unable to upload the idp-metadata.xml into Coupa without receiving errors, so we did contact Coupa to assist with this configuration.

Select the Advanced Options check box.
In the Login page URL field, enter the Login page URL:

Choose from:
- SP-initiated SSO: Enter https://prdsso40.cloudcoupa.com/sp/startSSO.ping?PartnerIdpId=YOUR_PF_ENTITY_ID&TARGET=https://YOUR_COUPA_SUBDOMAIN.cloudcoupa.com/sessions/saml_post
- IdP-Initiated SSO: Points to the login page of your IdP.
In the Logout page URL field, enter the Logout page URL.

The Logout page URL is set to where your users should be directed when they sign off of Coupa.
In the Timeout URL field, enter the Timeout URL.

The Timeout URL is set to where your users should be directed if their session times our before they sign on.
Click Save.

Coupa Provisioner

Configuring Coupa for SAML SSO

About this task

Steps

Choose from: