SAML SSO Integration

Introduction

  1. What is it?
  2. SAML Authentication set up

What is it?

Security Assertion Markup Language (SAML) is an XML-based, open-standard data format for exchanging authentication and authorization data between an identity provider and a service provider. The purpose of SAML is to enable Single Sign-On for web applications across various domains.

SAML Authentication set up

Prerequisites

To set up SAML for your SkyDesk Apps, you will require the following:

  1. Organization sign-up at https://mail.skydesk.jp/cpanel/index.do
    • Sign up for a user account
    • Create an organization
  2. Public key: the key used to decode the response message sent by the IdP
  3. SAML Login URL: the URL to which all the organization's users will be redirected for custom authentication
  4. Logout URL: the URL to which users are redirected after they log out of SkyDesk services under SSO
  5. Password reset URL: the IdP's password reset URL, which is called when a user tries to reset their password in SkyDesk

Note: The basic requirement for enabling SAML authentication is that users sign up for a SkyDesk organization account. Only by signing up do they get access to the control panel, where they can configure their SAML authentication setup.

Steps to follow

Users need to follow the steps given below to set up SAML authentication for SkyDesk Apps:

  • Click on the Dashboard option on the left and click Edit
  • A pop-up appears once you click Edit
  • Create a Portal URL of your choice in the space provided in the pop-up, as shown below, and click Save

Note: The Portal URL is used for identifying the users, so it is mandatory that a user enters a unique name.

Once you have added your desired app in an identity provider of your choice (e.g. OneLogin), complete the steps given below in your SkyDesk org account control panel:

  • In your control panel, click on SAML Authentication and fill in the details

  • Complete the SAML authentication details shown in the snapshot above as follows:
    • Enter the SAML 2.0 Endpoint URL (HTTP) as your Login URL
    • Enter the SLO Endpoint URL (HTTP) as your Logout URL
    • Enter the SAML 2.0 Endpoint URL (HTTP) as your Change Password URL
    • You can either attach the previously downloaded X.509 certificate or copy and paste it directly as your Public Key
    • Select RSA as the algorithm and click OK
    • Your SAML authentication setup will be successfully completed
  • Now, if you are the Super Admin, you can log in to https://mail.skydesk.jp/cpanel/index.do and change your SAML settings as per your requirements
  • All other users will be redirected to the respective SkyDesk App login pages when they enter their login credentials in https://mail.skydesk.jp/cpanel/index.do
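
The X.509 certificate supplied as the Public Key can be checked before it is attached, so that a non-RSA or soon-to-expire certificate does not break sign-in after SAML is enabled. The script below is an added example, not part of the SkyDesk documentation; it assumes the openssl command-line tool is installed, and the file name, the 2048-bit minimum and the 30-day validity margin are assumptions chosen for illustration.

```sh
#!/bin/sh
# Added example: pre-flight checks on the IdP certificate before it is used as
# the Public Key. The 2048-bit and 30-day thresholds are assumptions.

# cert_is_rsa FILE: succeeds if the certificate carries an RSA public key,
# matching the "RSA" algorithm choice in the SAML Authentication form.
cert_is_rsa() {
    openssl x509 -in "$1" -noout -text 2>/dev/null |
        grep -q 'Public Key Algorithm: rsaEncryption'
}

# cert_key_bits FILE: prints the public key size in bits.
cert_key_bits() {
    openssl x509 -in "$1" -noout -text 2>/dev/null |
        sed -n 's/.*Public-Key: (\([0-9][0-9]*\) bit).*/\1/p' | head -n 1
}

# cert_valid_for_days FILE DAYS: succeeds if the certificate will not have
# expired DAYS days from now.
cert_valid_for_days() {
    openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null 2>&1
}

# preflight FILE: prints one verdict line; returns non-zero on the first failure.
preflight() {
    cert=$1
    openssl x509 -in "$cert" -noout >/dev/null 2>&1 ||
        { echo "FAIL: not a PEM X.509 certificate"; return 1; }
    cert_is_rsa "$cert" ||
        { echo "FAIL: key is not RSA"; return 1; }
    bits=$(cert_key_bits "$cert")
    [ "${bits:-0}" -ge 2048 ] ||
        { echo "FAIL: RSA key is only ${bits:-0} bits"; return 1; }
    cert_valid_for_days "$cert" 30 ||
        { echo "FAIL: certificate expired or expires within 30 days"; return 1; }
    # Print the fingerprint so it can be compared with the IdP's copy.
    fp=$(openssl x509 -in "$cert" -noout -fingerprint -sha256 | cut -d= -f2)
    echo "OK: RSA $bits-bit, valid for 30+ days, SHA-256 $fp"
}

# Usage: sh preflight.sh idp-cert.pem   (file name is hypothetical)
if [ $# -gt 0 ]; then preflight "$1"; fi
```

A FAIL line names the first check that did not pass; an OK line ends with the SHA-256 fingerprint of the certificate that was checked.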
