This website requires JavaScript.

Secure authentication with SAML SSO

Easily set up single sign-on (SSO) via a third party identity provider.

Book a demo
Try Spendesk

TRUSTED BY FINANCE LEADERS. LOVED BY ALL.

Control and enable Spendesk access
for employees

  • Connect Spendesk with your SSO identity provider

    Spendesk is compatible with several well known identity providers, such as Okta, Onelogin & Microsoft Azure.

  • Secure employee access with a single sign-on portal

    Control the authorization and authentication of employees access to Spendesk.

  • Enable simple and fast authentication for employees

    Using one SSO credential, employees can easily access every app they need.

Spendesk gives us more control over expenses, with a very reliable reporting system.

André Carvalho

Head of Finance at Wetek

Why switch to Spendesk?

Spend control

Track business spending in real time.

Learn more
Smart company cards

Unblock employees with prepaid cards.

Learn more
Invoice management

Automate receipt and invoice recovery.

Learn more
Accounting automation

Simplify your general ledger with automation.

Learn more

Get the spend control and visibility finance teams need.

Book a demo

SAML SSO | Spendesk — FAQ

Spendesk supports SAML SSO to provide secure single sign-on using third-party identity providers such as Okta, OneLogin, and Microsoft Azure. Spendesk's SAML integration centralizes authentication, lets administrators control authorization and access, reduces password resets, and preserves Spendesk features like company cards, invoice management, and real-time spend visibility.

To set up SAML SSO for Spendesk with Okta or Azure AD, export Spendesk's SAML metadata or ACS URL, configure the identity provider with that metadata, map required user attributes, upload the IdP certificate in the Spendesk admin console, enable SAML in Spendesk, and run test logins to verify single sign-on and attribute mapping.

Spendesk delegates authentication to the configured identity provider, so multi-factor authentication is enforced by the IdP. Enabling SAML SSO lets organizations apply MFA policies in Okta, OneLogin, or Azure while maintaining Spendesk access control and centralized administration of user sign-on behavior.

Enabling SAML SSO centralizes authentication but preserves Spendesk's internal permission and approval model. Administrators continue to manage Spendesk-specific settings such as card access, spend limits, and approval chains inside Spendesk while authentication and single sign-on are handled by the configured identity provider.