Professional Documents
Culture Documents
Inbound SAML
General Properties
Fields listed in bold are mandatory.
IDP URL Provided by the client. This field is mandatory if the SP Initiated option is selected.
Signature Mode CSOD has two public certificates: SHA1 self-signed and SHA256 CA verified. Please SHA1 Self-Signed Cert
select the one that meets the client’s requirements.
Auth Request Issuer Leave blank if using default issuer value: https://techconsulting-stg.csod.com.
Assertion Consumer Use ONLY if you want to override the default ACS URL with a specific URL stem. samldefault.aspx?ouid
Service URL =433
SAML Key
IDP Logout URL Provided by the client. This field is mandatory if the Single Logout option is selected.
Logout Response Issuer Leave blank if using default issuer value in logout response: techconsulting- SHA1 Self-Signed Cert
stg.csod.com.
Issuer Leave blank if using default issuer value: {0} If left blank, this field will automatically
populate once the configuration is saved.
Replace {0} with corp Issuer URL (e.g., https://qa-bstss01.csod.com)
Signature Mode CSOD has two public certificates: SHA1 self-signed and SHA256 CA verified. Please SHA1 Self-Signed Cert
select the one that meets the client’s requirements.
Audience Enter service provider name if the client has not provided it. Leave blank if audience
is the same as the outbound SSO provider.
Expiration Date If the outbound SSO functionality needs to be deactivated after a certain date, enter
the date here.
User Name Enter the name of the SAML Attribute under which the value of username should appear as per client format.
Email Address Enter the name of the SAML Attribute under which the value of email should appear as per client format.
First Name Enter the name of the SAML Attribute under which the value of first name should appear as per client format.
Last Name Enter the name of the SAML Attribute under which the value of last name should appear as per client format.
Middle Name Enter the name of the SAML Attribute under which the value of middle name should appear as per client format.
Manager ID Enter the name of the SAML Attribute under which the value of manager ID should appear as per client format.
User Division Enter the name of the SAML Attribute under which the value of user division should appear as per client format.
User Location Enter the name of the SAML Attribute under which the value of user location should appear as per client format.
Language Enter the name of the SAML Attribute under which the value of language should appear as per client format.
Phone Home Enter the name of the SAML Attribute under which the value of home phone should appear as per client format.
Phone Mobile Enter the name of the SAML Attribute under which the value of mobile phone should appear as per client format.
Authentication Request Provided by the client. This field is mandatory if the SP Initiated option is selected.
Issuer
Authentication Request Leave blank if using default authentication request destination value: {0}.
Destination Here {0} replace with output of GetACSIssuerURL(ssoConfig, 1) function.
E.g. https://qa-bstss01.csod.com/outboundsso.aspx?ou_id=-1650
Skip Signature Validation Check this if you want to disable validation of signature coming in authentication request. Unchecked
Advanced Properties
Fields listed in bold are mandatory.
Include Issuer in Response This field should only be used if requested by the client. Unchecked
Additional Settings
Fields listed in bold are mandatory.
SSO ID SSO ID is an integer value that uniquely identifies this SSO configuration. When creating a Next integer value that is
new SSO, the next available integer is displayed. This value can be overridden with any not already in use by the
integer value that is not already in use for another SSO configuration within the same portal and environment.
environment.
Manual Key Input Select this filed to manually input the Encryption Key and Initialization Vector for the AES Unchecked
SSO configuration.
Regenerate Key Pair Click on this button to generate a new random Encryption Key and Initialization Vector for Unchecked
(available when editing) this SSO configuration. This will take effect on Save.
Push Keys to FTP Click on this button to push the Encryption Key and Initialization Vector to the client portal N/A
(available when editing) environment FTP.
Encryption Key Encryption Key is a system generated key used to authenticate the SSO. This is masked for System generated
security, but will be sent to the portal environment FTP when the SSO is saved. The random value
information can also be pushed manually by clicking on the Push Keys to FTP button.
Initialization Vector This field contains the system generated key used to authenticate the SSO. This is masked System generated
for security, but will be sent to the portal environment FTP when the SSO is saved. The random value
information can also be pushed manually by clicking on the Push Keys to FTP button.
Error URL Leave blank if using CSOD's Default Error URL: common/ssoerror.aspx or enter the client Blank
provided URL.
Logout URL Leave blank if using CSOD's Default Logout URL: common/ssologout.htm or enter the client Blank
provided URL.
Additional Settings
Fields listed in bold are mandatory.
Sample Code
Available when editing. Fields listed in bold are mandatory.
Download Click on this button to download the SSO sample code. N/A
Push to FTP Click on this button to send the SSO sample code to the client’s FTP site. N/A