Connect to Sparkpost through Access

This guide covers how to configure SparkPost or SparkPost EU External link icon Open external link as a SAML application in Cloudflare Zero Trust.

An identity provider configured in Cloudflare Zero Trust

configured in Cloudflare Zero Trust Admin access to a SparkPost or SparkPost EU account

​​ 1. Add a SaaS application to Cloudflare Zero Trust

In Zero Trust External link icon Open external link , go to Access > Applications. Select Add an application > SaaS > Select. For Application, enter SparkPost and select the corresponding textbox that appears. For the authentication protocol, select SAML. Select Add application. Fill in the following fields: Entity ID : https://api.sparkpost.com for SparkPost accounts https://api.eu.sparkpost.com for SparkPost EU accounts https://<api-host> for SparkPost accounts with dedicated tenants

: Assertion Consumer Service URL : https://api.sparkpost.com/api/v1/users/saml/consume for SparkPost accounts https://api.eu.sparkpost.com/api/v1/users/saml/consume for SparkPost EU accounts https://<api-host>/api/v1/users/saml/consume for SparkPost accounts with dedicated tenants

: Name ID format: Email Copy the SAML Metadata endpoint. Select Save configuration. Configure Access policies for the application. Select Done.

​​ 2. Download the metadata file

Paste the SAML metadata endpoint from application configuration in Cloudflare Zero Trust in a web browser. Follow your browser-specific steps to download the URL’s contents as an .xml file.

​​ 3. Add a SAML SSO provider to SparkPost

In SparkPost, select your profile picture > Account Settings. Under Single Sign-On, select Provision SSO. Under Upload your Security Assertion Markup Language (SAML), select select a file and upload the .xml file you created in step 2. Download the metadata file . Select Provision SSO. Select Enable SSO.

​​ 4. Add a test user and test the integration

In SparkPost, current users must be deleted and re-invited to use SSO. To create a test user, select your profile picture > Users > name of the user > Delete User. Then, select Invite User and fill in the necessary information. Alternatively, invite a new user. An invitation email will be sent. Go to the link sent in the invitation email. You will be redirected to the Cloudflare Access login screen and prompted to sign in with your identity provider. Once SSO is successful, you can turn on SSO for the rest of your current users by deleting and then re-inviting them.