SAML 2.0 & SSO (single sign-on authentication)

Streamlined Single Sign-On

Smarticks SAML 2.0 & SSO functionality empowers businesses to implement single sign-on (SSO) authentication using the widely adopted SAML 2.0 protocol. This functionality streamlines user access by leveraging an existing Identity Provider (IdP) for authentication.

Technical Overview:

  • Single Sign-On (SSO): Agents authenticate through their designated IdP, eliminating the need for separate Smarticks login credentials.
  • Identity Provider (IdP) Integration: Smarticks acts as a Service Provider (SP) and connects to a single IdP for user authentication. The functionality supports any SAML 2.0 compliant IdP.
  • Centralized User Management: Manage user access through your existing IdP, simplifying user provisioning and lifecycle management.

Configuration:

  • IdP Configuration: Configure your IdP to return the user’s email address within the NameID property. Smarticks uses this email address for user lookup.
  • Security Requirements:
    • Signature Algorithm: RSA-SHA256
    • IdP x509 Certificate: Enter the certificate content without the “-----BEGIN CERTIFICATE-----” or “-----END CERTIFICATE-----” lines.
    • Single Logout (SLO): Due to limitations with some IdPs, Smarticks SSO currently does not support SLO. You can optionally specify a regular logout URL from your IdP to redirect users upon logout from Smarticks.
  • Advanced Configuration:
    • Metadata Exchange: Retrieve your Smarticks service provider metadata using the provided “SP Metadata” link for configuration within your IdP.
    • Auto-User Creation: Optionally, map specific user fields (first_name, last_name, job_title, phone) for automatic user creation in Smarticks during the first login via SSO.
    • Conditional Login URLs:
      • Append “?saml=0” to the login URL to bypass SSO and display the standard login form (when “Force SAML Login” is enabled).
      • Append “?saml=1” to the login URL to redirect to SAML login (when “Force SAML Login” is disabled).

Troubleshooting:

  • Disable “Strict Mode” (within the functionality) for broader compatibility during initial setup.
  • IdP Configuration Examples: The provided instructions detail configuration steps for popular IdPs like Auth0, JumpCloud, Azure, and Google Workspace.

By implementing Smarticks SAML 2.0 & SSO, businesses can enhance login security, simplify user management, and improve the overall user experience.
