Mobile Apps and SAML

Some users may find that they cannot use their xMatters mobile apps with a local account that bypasses the instance's SAML configuration. If their user account does not have the "Enable Native Login for SAML" function assigned to one of their roles, the connection will fail.

This restriction ensures that mobile app users are required to have the same permissions as users accessing xMatters via the web user interface. When Single Sign-On (SSO) is enabled, users normally cannot log in with a local password and are redirected to the SSO access screen. Any user account that needs to bypass SAML (whether logging in via the mobile app or into xMatters with a browser) must have a role that includes the "Enable Native Login for SAML" permission.

The xMatters iOS and xMatters Android apps use OAuth2 token authentication to log on natively, as long as the user's account has the "Enable Native Login for SAML" function. By default, this function is only assigned to users with the Company Supervisor role. Users with this role can bypass SSO and log in directly to xMatters using the SSO bypass URL.

Users who are permitted to log in natively should use the company URL with the suffix /sp/samlSignOn.do (for example: https://<your-company>.xmatters.com/sp/samlSignOn.do). The SAML (IdP) password and the xMatters native password are separate and can be managed independently.