Braintree
  Last reviewed:  about 1 year ago  
      This guide covers how to configure Braintree ↗ as a SAML application in Cloudflare Zero Trust.
- An identity provider configured in Cloudflare Zero Trust
- Admin access to a Braintree production or sandbox account
- In Zero Trust ↗, go to Access > Applications.
- Select Add an application > SaaS > Select.
- For Application, enter Braintreeand select the textbox that appears below.
- For the authentication protocol, select SAML.
- Select Add application.
- Fill in the following fields with temporary values:
- Entity ID: placeholder
- Assertion Consumer Service URL: https://www.placeholder.com
- Name ID format: Email
 
- Entity ID: 
- Copy the SSO endpoint and Public key.
- Configure Access policies for the application.
- Save the application.
- In Braintree, create a support ticket ↗.
- In Search Issues, enter Login and password issuesand select the corresponding value.
- In Issue Details, fill in the following:
- Merchant ID: Your Braintree Merchant ID. This is the 16-digit value that follows /merchants/in your Braintree Control Panel URL.
- Email domain(s) to be used in user IDs: The email domain(s) that should be allowed to sign in to your account via SSO.
- Single Sign-on HTTP POST Binding URL: SSO endpoint from application configuration in Cloudflare Zero Trust
- Certificate for validation: Public key from application configuration in Cloudflare Zero Trust.
 
- Merchant ID: Your Braintree Merchant ID. This is the 16-digit value that follows 
- Select whether you are using a Production or Sandbox account.
- Fill out the Your contact information fields and select Submit a help request.
- When you receive an email stating SSO has been successfully configured for your account, you can proceed to the next step.
- In Zero Trust ↗, go to Access > Applications.
- Select Braintree > Edit > Overview.
- Replace the temporary values for Entity ID and Assertion Consumer Service URL with the link provided in the successful SSO configuration email from Braintree support. You will use the same link for both values.
- Select Save Application.
- In your Braintree Control Panel, select the settings icon > Team.
- Select your desired test user.
- Under Single Sign-On, select Enable.
- Open an incognito browser window. In the address bar, paste https://id.sandbox.braintreegateway.comfor a sandbox account orhttps://id.braintreegateway.comfor a production account.
- In Your corporate email address field, type your test user's email. You will be redirected to the Cloudflare Access login screen and prompted to sign in with your identity provider.
- Upon successful sign-in, you can enable SSO for other users using steps 4.1 - 4.3.
Was this helpful?
- Resources
- API
- New to Cloudflare?
- Directory
- Sponsorships
- Open Source
- Support
- Help Center
- System Status
- Compliance
- GDPR
- Company
- cloudflare.com
- Our team
- Careers
- © 2025 Cloudflare, Inc.
- Privacy Policy
- Terms of Use
- Report Security Issues
- Trademark