You're attempting to setup SAML SSO and your config doesn't have an ACS or Entity ID URL as pictured below:

Click the Save button. Once you've saved it, the ACS and Entity ID URLs will be generated. This state occurs when you click the + button to add SAML SSO for a domain, but haven't actually saved it yet. If you were to refresh the page, it would disappear due to not having been saved yet.

How to use Doppler with mobile applications can depend a lot on your specific situation. Ultimately though, it's almost impossible to ensure that hard-coded keys in your binary application won't leak – even if they're stored using encryption, obfuscation, etc. Very motivated attackers will always be able to extract them.

As such, our recommendation for using secrets with mobile applications is to deploy a separate backend application that proxies all your requests that require secrets (e.g., requests to third-party APIs). You can store your secrets in Doppler and use them with your backend without the mobile app needing access to them at all. When your mobile app needs to make an API request it then contacts your backend application which makes the actual request.

Although this does add a little complexity to the application, it will preserve the integrity of your secrets and will also allow you to do things like apply API limits or throttles to specific user accounts before it hits the API you need it to. Another benefit is that you can easily update credentials for all your deployed apps without requiring end users to update the app on their devices.