User Guide

Account Management

Account Sharing

We encourage team collaboration, and make it possible! As an account administrator, visit "my account" then "team" to invite a collaborator or revoke a previously given access.

This will send an email invitation under your name. Once signed-up, the new team member will have access to all the features of your account, except the team management, billing and payment sections.

Multiple Accounts Access

Multiple accounts is permitted using our sharing access options. We will ask you to not exceed one free account per organisation.

The best way to use several accounts at the same time, is to use a personal master access using your main email address.

After two or more accounts are connected to this email address, a switch button will appear on top of our interfaces allowing you to quickly access an account or another.

Termination of your account

You can cancel your account at any time, by contacting our support team. We'll be very sad to see you leave and would be grateful if you could share your reasons or idea of improvement in your message.

Single Sign-On Authentication

Single Sign-On via SAML

Invite your whole team to collaborate with you with a one-time setup and using your internal enterprise login provider.

In order to activate Single Sign-On integration on your account first of all you need to create your account and make sure your plan includes the feature.

The SSO integration is done via the protocol SAML 2.0 which is widely supported by the identity providers.

Using Security Assertion Markup Language (SAML), a user can use their managed account credentials to sign in to Pagescreen via Single Sign-On (SSO). You don't have to invite individual users if your company has a common authentication mechanism already implemented. The users will have restricted access to the resources of the account and will not be able to change the SSO settings themselves unless you promote them to account administrators.

Once you setup the SSO config in your account you can use the page to login in your workspace.

Steps to enable SAML SSO:

  1. Head to
  2. Head to Account page
  3. Head to Single Sign-On tab
  4. Find the SAML Service Provider endpoints on the right
    • EntityID:
    • Assertion Consumer Service URL:<xXxXxXXxX>
    • Single Logout URL:<xXxXxXXxX>
    • Metadata URL:<xXxXxXXxX>
  5. Enter or import Identity Provider settings on the left:
    • Workspace name
    • IdP EntityID/Issuer
    • IdP Login Url
    • IdP Logout Url
    • X.509 Certificate
  6. Click Save
  7. Integration is completed


Workspace name

A workspace is a shared place where members communicate and collaborate. The name of your workspace is how we recognize that given team member needs to authenticate against a specific identity provider.

The workspace name is defined by you for your team. Normally this name includes a short slug of your company name or domain. It should be short and unique. Spaces or other special characters are not allowed.

You can also use a direct link to your environment with adding the workspace name to the team link as<workspace-name>

Identity Provider (IdP)

Identity Provider (IdP) Configuration

An identity provider is a trusted authentication service that lets you use Single Sign-On (SSO) to access our platform. It can be either internal or external service like Google or Auth0.

IdP Entity ID / Issuer:

Provided by the IdP

IdP SSO Url:

Provided by the IdP

IdP X.509 Certificate:

An X.509 certificate contains information about the identity to which a certificate is issued and the identity that issued it. This certificate is used to verify and sign the requests and responses within the communication with the IdP. The certificate contents is normally part of the IdP Metadata, so it can be imported right away.

Provided by the IdP

Import IdP Metadata XML

In the interfaces of most identity providers you can find an option to download their Metadata XML file, which after you can import in Pagescreen in order validate the contents and contectivity between the services.

Import from remote hosted Url
Import Metadata XML file
Import Metadata contents

Service Provider (SP)

Entity ID / Issuer


Assertion Consumer Service (ACS) Url

HTTP POST Binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST

Single Logout Service

HTTP Redirect Binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect

SP Metadata

You can find Pagescreen Service Provider metadata at page on the right. There's the option to use it as a hosted url or download it as xml file.

Our Metadata will be signed by default.


Pagescreen icon: (512x512px)

User Attributes Mapping

User Attributes Mapping

Attribute Name Description Alternatives
email E-Mail Address mail
firstname First Name givenname
lastname Last Name familyname

NameID Format


Signatures & Encryption

All outgoing requests are being signed and encrypted by default. All incoming XML requests will be validated.

You can find Pagescreen public certificate at

Authentication request



Signature Algorithm

The default signature algorithm is SHA-256.

If you need another algorithm to be used please contact us.

Supported signature/encryption algorithms:

Digest Algorithm

IdP Guides

As every Identity Provider platform (IdP) has different steps to configure and enable a Service Provider application (SP) we've prepared quick how-to guide for the major platforms such as Google, Auth0, OneLogin and miniOrange.

Google Identity Provider

G-suite as Identity Provider

Detailed IdP setup

  1. Following the steps at Google SSO Guide
  2. Step Google IdP Information
  3. Choose Option 2 and Download Metadata xml
  4. Click Next
  5. Step: Add Basic information for Pagescreen
    1. Application name: Pagescreen
    2. Upload logo: Download logo from
  6. Step Add Service Provider Details
    1. ACS URL<xXxXXxXXxXx>
    2. Entity ID:
  7. Click Next and finish the process

Connect with Pagescreen

  1. Go to Pagescreen > Account > Single Sign-On > Import
  2. Select the file downloaded at Step 2 of the wizard and click Import
  3. Choose workspace name and click Save
  4. Integration is completed Identity Provider

Setup Pagescreen SSO with Auth0 via SAML

  1. Following the steps at
  2. Go to and sign up for an account.
  3. Create a new application or use your existing one
  4. Go to Addons tab
  5. Enable SAML2 web app addon
  6. Go to Pagescreen > Account > Single Sign-On
  7. Copy ACS URL and paste it in Application Callback URL input
  8. Download pagescreen_saml.crt from Single Sign-On tab on Pagescreen
  9. Copy to settings json:
        "mappings": {
            "email": "",
            "firstname": "",
            "lastname": ""
        "signResponse": true,
        "signingCert": "<copy the contents of pagescreen_saml.crt>",
        "logout": {
            "callback": "<xXxXXxXxXXX>",
            "slo_enabled": true
  10. Replace value of signingCert with the contents of the downloaded pagescreen_saml.crt file
  11. Copy Single Logout URL and replace logout.callback with it
  12. Click Save

Connect with Pagescreen

  1. On the Usage tab in Auth0 download the metadata xml file
  2. Go to Pagescreen > Account > Single Sign-On > Import
  3. Select the downloaded metadata file and click Import
  4. Choose workspace name and click Save
  5. Integration is completed

OneLogin Identity Provider

Setup Pagescreen SSO with OneLogin via SAML

Add connector application:

  1. Create OneLogin account
  2. Add application under Apps
  3. Search for term SAML and pick one of:
    • SAML Test Connector (IdP) w/encrypt signed resp
    • OneLogin SAML Test (IdP) w/ NameID (unspecified)
  4. Setup according to the details below

SAML Test Connector (IdP) w/encrypt signed resp

Configuration tab: Connector


// empty



ACS (Consumer) URL Validator Regex


ACS (Consumer) URL<xXxXXxXXxXx>

Single Logout URL<xXxXXxXXxX>

Public key


OneLogin SAML Test (IdP) w/ NameID (unspecified)

SAML Consumer URL

SAML Audience 

SAML Recipient<xXXxXxXXXxx>

SAML Single Logout URL<xXxXXxXXxX>

ACS (Consumer) URL Validator Regex


Parameters tab

For the following parameters do:

Attribute Name Description
email E-Mail Address
firstname First Name
lastname Last Name
  1. Add new parameter - email
  2. Check Include in SAML assertion
  3. Select value Email from the dropdown
  4. SSO Tab
    • Select SAML Signature Algorithm - SHA-256

Connect with Pagescreen

  1. Go to Pagescreen > Account > Single Sign-On > Import
  2. Select the downloaded metadata file and click Import
  3. Choose workspace name and click Save
  4. Integration is completed

miniOrange Identity Provider

Setup Pagescreen SSO with miniOrange via SAML

More information at miniOrange SSO integration

Step: IdP Setup

  1. Go to your account at
  2. Go to Add Application
  3. Search for Custom App
  4. Download pagescreen-metadata.xml from Pagescreen > Account > Single Sign-On
  5. In miniOrange click Import SP Metadata, click File and select the downloaded file.
  6. Enter Application Name: Pagescreen
  7. Copy Single Logout URL from Pagescreen and paste it into the input in miniOrange
  8. Fill the attribute settings as follows

    • Name ID: E-Mail Address
    • NameID Format: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
    • Identity Source: (The source you prefer)
  9. Attributes:

    Attribute Name Description
    email E-Mail Address
    firstname First Name
    lastname Last Name
  10. Click Save
  11. Go back in the application list click on Metadata
  12. Click on Download Metadata XML

Connect with Pagescreen

  1. Go to Pagescreen > Account > Single Sign-On > Import
  2. Select the downloaded metadata file and click Import
  3. Choose workspace name and click Save
  4. Integration is completed

Try us now for Free

Play with Pagescreen for 14 days, access to all features.