Which identity providers does Dropbox support?

Dropbox uses the Security Assertion Markup Language (SAML),  which is the industry standard. This means our implementation of single sign-on integrates easily with any large identity provider that supports SAML.

The following identity providers offer preconfigured settings for Dropbox:

  • Auth0
  • Bitium
  • CA Siteminder
  • Centrify
  • G Suite
  • MobileIron Access
  • OneLogin
  • Okta
  • Ping Identity
  • Salesforce
  • Symantec Identity: Access Manager
  • Symplified

Note: We also integrate with self-built SAML-­based federated authentication processes, and support both service­-provider-initiated SAML and identity­-provider-initiated SAML.

How to configure your own identity provider solution for SSO

If you’d like to configure your own solution or use a different identity provider, here are the parameters and information you'll need:

  • Dropbox uses SAML2 with the HTTP Redirect binding for SP to IdP and expects the HTTP Post binding for IdP to SP
  • The Dropbox post-back URL (also called the Assertion Consumer Service URL) is https://www.dropbox.com/saml_login
  • Dropbox requires that the NameID contain the user’s email address. Technically we are looking for: Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
  • Your identity provider may ask if you want to sign the SAML assertion, the SAML response, or both. Dropbox requires the SAML response to be signed. You can choose signed or unsigned for the SAML assertion.
How helpful was this article?

We’re sorry to hear that.
Let us know how we can improve:

Thanks for your feedback!
Let us know how this article helped:

Thanks for your feedback!