Signing into Lob
If your organization has Single Sign-On (SSO) enabled, you will be redirected to a separate SSO login page after entering your email and password in the default login screen (as seen above).
Confirm your pre-populated company email, and click "Sign In With SSO" to log into your account.
1. Click Log In on Lob.com.
2. Click Forgot Password?
3. Enter your Email Address then click Send Reset Link.
4. Click Create New Password in the password reset email sent to you.
5. Enter a New Password then enter the same password in the Confirm New Password field.
6. Click Update. You password is now reset.
Note: Only Lob administrators will be able to see the Single Sign-on configuration in the Lob dashboard.
These instructions should apply to configuring with other identity providers, such as OneLogin and Google IdP.
- 2.Name the application.
- 3.Add these SAML settings:
- For Single sign on URL, enter: https://api.lob.com/v1/sessions/saml
- Select Use this for Recipient URL and Destination URL
- For Audience URI (SP Entity ID), enter: https://api.lob.com/v1/sessions/metadata.xml
- For Name ID format, choose EmailAddress.
- For Application username, choose Email.
- 4.Your SAML settings should match the screenshot below
Once your new application is created in Okta, you need to copy the SAML metadata generated from your IDP and paste it into Lob's dashboard.
- 1.View your SAML IDP metadata in Okta by clicking the Sign On tab in the application.
- 2.Click the Identity Provider metadata link.This opens a new web page containing the XML you need.
- 3.Login to Lob's dashboard and hover on your name in the top right corned then click Settings.
- 4.Scroll down to Single Sign-on in the Account tab and paste the metadata from your IDP, and then click Save.
Even if your company has an active SSO integration with Lob, each individual user will still need to accept their company's invite before being able to log in using SSO. Otherwise they will be sent to the normal sign-in screen.
SSO is a hard cutover for your account, so once SSO is configured then ALL users for that account will only be able to sign in through SSO. If there is an issue with the IDP metadata, e.g. an incorrect SSO URL, then all users for that account will possibly be locked out. It is strongly recommended to test SSO by signing into Lob's dashboard through another session.
If you are locked out of your account because of incorrect IDP metadata, contact [email protected] to revert your account back to the normal login flow.
Last modified 2mo ago