Zoho Mail Control Panel - Help

Table of ContentsDown

SAML Defenition

SAML - Security Assertion Markup Language SAML, developed by the Security Services Technical Committee of "Organization for the Advancement of Structured Information Standards" (OASIS), is an XML-based framework for exchanging user authentication, entitlement, and attribute information. SAML is a derivative of XML. The purpose of SAML is to enable Single Sign-On for web applications across various domains.


SAML based Authentication for Zoho

 SAML is supported for paid organizations, which host their domain through Zoho Mail . An organization administrator can configure the SAML URL and the public key for the organization. When a user in the organization, logs with the custom URL, say mail.yourdomain.com, the URL will be redirected to the configured SAML URL or the IDP provided for SAML request and login validation. 

The IDP validated the authentication details and return back a SAML response to Zoho, specific for the user. If the response is successful, the user will be authenticated in Zoho, and the session will be initiated. 


SAML Registration Process:

  1. Add and verify your domain
  2. Create users and Email accounts
  3. Configure Custom URL for your domain 
  4. Configure the SAML Authentication in Admin Console

SAML Configuration

The configuration details for the SAML are generally provided by the third party provider or a SAML supported system like Active Directory. 

The parameters required for SAML configuration includes:

Login URL: All the Organization users will be re-directed for custom authentication.

Logout URL: The URL has to be re-directed when users are signed-out from Zoho services under SSO.

Change password URL: Identity Providers' password reset URL, which will be called when the user tries to reset the password in Zoho.

Public key: Key used to decode the response message sent by the Identity provider. Save the Key in a text file and upload it to configure the SAML for the organization.

Login process

Once you have set up the SAML process, with the details provided by the SAML provider, you need to login using your custom URL for authentication. This will redirect your authentication to your provider automatically.

  1. Launch your custom URL (mail.yourdomain.com)
  2. This will be redirected to the SAML login page, provided in the configuration. 
  3. The authentication will be validated by the identitiy provider. 
  4. The Identity provider will provide an encrypted response to Zoho. 
  5. The response will be decoded and will the user will be authenticated if the response returned is 'Success'. 


The Most Powerful Hosted Email for Business Enterprise level hosted mail starting at just $2 /Month /User

Get Started