SAML Settings

1. Create Single Sign-on Endpoint

  1. Click Account Settings
  2. Select Single Sign-on
  3. Select Create Single Sign-on Endpoint

2. Choose your site and create the connection

Choose your site and create the connection
  1. Make sure you have set your mode to SAML.
  2. Remote login url - This is the url where ScreenSteps will redirect to when a SAML request is made. This should be provided to you by your SAML provider.
  3. Log out url - This is optional. It is a URL that your users will be taken to once they log out of ScreenSteps.
  4. Create the Endpoint

3. Upload the SAML Certificate file

  1. X.509 certificate - You need to get this certificate file from your SAML provider and upload it to ScreenSteps.
  2. SAML Consumer URL - Use this URL to test your SAML settings.
  3. SAML Test URL - Use this URL to test that your SAML settings work (after you save them and configure your identity provider).
  4. Once you have entered all of your settings, select Update.

4. Metadata for your identity provider

If your identity provider needs you to enter metadata for ScreenSteps, use the SAML Consumer URL shown above.

For the Entity ID use ScreenSteps-Live.

Here is the XML Metadata for ScreenSteps. Be sure to replace the {{}} with your SAML Consumer URL:

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="ScreenSteps-Live">
   <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" AuthnRequestsSigned="false" WantAssertionsSigned="false">
      <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
      <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="{{replace with your ScreenSteps SAML Consumer URL }}" isDefault="true" index="0" />
   </md:SPSSODescriptor>
</md:EntityDescriptor>

5. Add to Site

0 Comments

Add your comment

E-Mail me when someone replies to this comment