ContentsSign in to your Lob dashboardDefault loginSingle Sign-On (SSO) loginReset your passwordSet up Lob SSO with OktaBest practices
Sign in to your Lob dashboard
- Click Log in on Lob.com.
- Enter your Email Address and Password to sign in.
Single Sign-On (SSO) login
If your organization has Single Sign-On (SSO) enabled, you will be redirected to a separate SSO login page after entering your email and password in the default login screen (as seen above).
Confirm your pre-populated company email, and click "Sign In With SSO" to log into your account.
Reset your password
- Click Log In on Lob.com.
- Click Forgot Password?
- Enter your Email Address then click Send Reset Link.
- Click Create New Password in the password reset email sent to you.
- Enter a New Password then enter the same password in the Confirm New Password field.
- Click Update. You password is now reset.
Set up Lob SSO with Okta
These instructions should apply to configuring with other identity providers, such as OneLogin and Google IdP.
- Create an application in Okta for Lob using this guide.
- Name the application.
- Add these SAML settings:
- For Single sign on URL, enter: https://api.lob.com/v1/sessions/saml
- Select Use this for Recipient URL and Destination URL
- For Audience URI (SP Entity ID), enter: https://api.lob.com/v1/sessions/metadata.xml
- For Name ID format, choose EmailAddress.
- For Application username, choose Email.
- Your SAML settings should match the screenshot below
Once your new application is created in Okta, you need to copy the SAML metadata generated from your IDP and paste it into Lob's dashboard.
- View your SAML IDP metadata in Okta by clicking the Sign On tab in the application.
- Click the Identity Provider metadata link.
This opens a new web page containing the XML you need.
- Login to Lob's dashboard and hover on your name in the top right corned then click Settings.
- Scroll down to Single Sign-on in the Account tab and paste the metadata from your IDP, and then click Save.
- Note: Only Lob admin users will be able to see the Single Sign-on configuration in the dashboard.
Even if your company has an active SSO integration with Lob, each individual user will still need to accept their company's invite before being able to log in using SSO. Otherwise they will be sent to the normal sign-in screen.
SSO is a hard cutover for your account, so once SSO is configured then ALL users for that account will only be able to sign in through SSO. If there is an issue with the IDP metadata, e.g. an incorrect SSO URL, then all users for that account will possibly be locked out. It is strongly recommended to test SSO by signing into Lob's dashboard through another session.
If you are locked out of your account because of incorrect IDP metadata, contact email@example.com to revert your account back to the normal login flow.