If your company already has access to a Procore Monthly Sandbox Environment, you may prefer to test Single Sign-On (SSO) configurations there before you configure SSO in your active Procore company account. This kind of testing is not required, and is not explicitly recommended by Procore, but for companies with Monthly Sandbox access it is an available option. This kind of testing is most useful to clients who are configuring a "custom" SSO integration (e.g., configuring SSO using an Identity Provider, or "IdP", for which Procore does not provide detailed instructions or additional resources). It is important to remember that a Procore Monthly Sandbox environment refreshes monthly at a scheduled cadence, which will clear any configuration data entered, so be sure to align your testing appropriately.
NoteThe Monthly Sandbox Environment is NOT equivalent to a Sandbox Test Project. A Sandbox Test Project resides in an active Procore company account, so it cannot be used as a separate environment for SSO configuration testing.
To configure SSO in a Procore Monthly Sandbox, you will follow the same instructions available for configuring SSO in an active Procore company. However, you will need to use attributes relevant to the environment in which you are testing. Those attributes for the Monthly Sandbox are:
Target Sign on URL: https://login-sandbox-monthly.procore.com/saml/consume
Note: Un-check "Use this for Recipient URL and Destination URL" box to show other fields for URL entry
Recipient URL: https://login-sandbox-monthly.procore.com/
Destination URL: https://api-sandbox-monthly.procore.com/
Audience URI (SP Entity ID): https://login-sandbox-monthly.procore.com/
When you have completed configurations in your Monthly Sandbox, please reach out to your Procore point of contact or Procore Support to request they enter the domain(s) you want to target for login via SSO. After they have entered those domains, you will be able to select the Enable Single Sign-On checkbox and select either the IdP-Initiated or an SP-Initiated (i.e., Procore-Initiated SSO) option.