Configure SSO and SAML settings

SessionM supports single sign-on (SSO) authentication schemes, which allow users to log on to the SessionM Platform with a single ID and password to any related but separate software systems. From the Admin & Rights Module, you can access the SSO & SAML page to configure and manage SSO and Security Assertion Markup Language (SAML) settings for an SSO provider.

About this task

One of the important items that the client must provide to enable services from an SSO provider is the identity provider certificate, which should be formatted as an armored x509 certificate.

Steps

  1. On the Admin & Rights 2.0 dashboard, under Platform Configurations, click SSO & SAML. A page containing the necessary platform settings that support SSO and SAML opens.
  2. On this page, specify values in the following fields:
    1. Entity ID, which is the name, or URL, for the client's service.
    2. SSO URL, which is the redirect URL when starting a request to authenticate a user.
    1. User Properties, which are the IdP (Identity Provider) user properties rendered in JSON format.
    2. Certificate, which is the certificate for the ID provider - formatted as an armored X509 certificate. For more information, see the discussion above.
  3. Then consult your SessionM integration engineer to obtain the appropriate values for these two fields:
    1. Entity ID, which is the SessionM service. Typically, the URL of the SMP deploy.
    1. Assertion Consumer Service URL, which is the URL where the SessionM Platform receives the SAML redirect from the client's IdP.
  4. Click Save.

The SSO provider has been configured.