In Anaplan, Single Sign-on (SSO) enables a user authenticated by a login other than the standard login mechanism at the Anaplan URL, to access multiple systems and environments using a single web browser session. Users therefore don't need to visit a login page for each system and environment.

Learn how to log in with Single Sign-on (SSO).

As the Anaplan administrator for your organization, you can set up your environment for SSO access to using the Security Assertion Markup Language (SAML) authentication protocol. Anaplan fully supports SAML 2.0 for SSO. This includes password complexity policies, time-of-day access windows, two-factor authentication, and any other controls required by your organization's security policy.

To set up Anaplan for SSO:

  1. Use Self Service SAML to configure SSO on your workspace.
  2. Test your configuration.

Warning: Once SSO is set up, users can only access Anaplan using SSO unless they are an Exception User. We therefore recommend that your organization assigns at least one exception user. Your business must schedule an appropriate time to enforce SSO. It is essential that your organization educate your users on how to access the Friendly URL.

  1. Assign exception users.

As of August 15, 2020, your Friendly URL must not end with a trailing '/' character or other special characters.

Here are examples of invalid and valid Friendly URL formats for SSO configurations:

Invalid Friendly URL format:
Valid Friendly URL format:

Self Service SAML was released May 2020. If you're using the Self Service SAML feature, follow this guideline for Friendly URL formats:

Invalid Friendly URL format:
Valid Friendly URL format:

For information about the way in which Anaplan uses SAML, see SAML Authentication to Anaplan and Glossary of Single Sign-On terms.

For general information about SSO and SAML, see these pages on and the WSO 2 Library: