General

Single Sign-On (SSO) allows users to access multiple applications with a single set of login credentials. We support SSO with SAML (Security Assertion Markup Language) 2.0.

Settings Configuration for SAML Identity Provider

All valid URLs are generated automatically and are visible in the Partner Settings page in DEPo. Below is an example of a SAML Identity Provider configuration.

Recipient: https://your-subdomain.some-domain.tld/depo_users/auth/saml/callback
ACS (Consumer) URL: https://your-subdomain.some-domain.tld/depo_users/auth/saml/callback
Single Logout URL: https://your-subdomain.some-domain.tld/depo_users/auth/saml/slo
Login URL: https://your-subdomain.some-domain.tld/depo_users/auth/saml
SAML nameID format: Email
Entity Id: dreams-enterprise-app
Role: Make sure role attribute is added to the IdP response: partner_admin, analyst, offering_manager, support_agent, translator. Description of each role can be found in the DEPo guide via DEPo administration page.

Following SAML account details are required: first_name, last_name, email.

Required fields to be filled by you on the Partner Settings page

Your IdP single sign-on service URL - required
Your IdP cert fingerprint (SHA-1) - required
Your IdP single log-out service URL - not required

Settings Configuration for SAML Identity Provider​

Required fields to be filled by you on the Partner Settings page​

Settings Configuration for SAML Identity Provider

Required fields to be filled by you on the Partner Settings page