Setup process
- Configure SSO on your end using parameters from the instructions below
- Provide the following inputs:
- Client’s XML metadata file
- The domain(s) of the emails
- Nameid policy -- required for correct authorization on the service provider side
- Names of the attributes as specified in your IDP for first name, last name, email, and phone (optional)
- Once shared, we will configure the SSO on our side
- Test the connection
General SSO application configuration
Requested information | Information |
---|---|
Preferred Single Sign-On (SSO) Profiles | IDP-initiated SSO -- via Identity Provider |
Vendor entity unique ID | |
SCIM support (System for Cross-domain SSO) | No |
Supports automatic MetaData Exchange? | No, we require a manual exchange |
Separate NON-PROD and PROD environments? | No |
Dynamic User Provisioning Required? | Yes, please follow the SAML response standards |
Base vendor URL (Audience) | |
Endpoint URLs | Assertion Consumer Service (Login) URL: Single Logout URL: |
Preferred SAML Binding | POST |
Assertion Configuration
Attribute (Claim) name | Required | SAML IDP request response example |
---|---|---|
First Name | Yes | <saml:Attribute Name="FirstName" |
Last Name | Yes | <saml:Attribute Name="LastName" |
Yes | <saml:Attribute Name="Email" | |
Phone | No | <saml:Attribute Name="PhoneNumber" |
- KeyInfo must be included in the assertion
- Email is a primary identifier for all users
Updated 7 months ago