Scribd Logo
Upload

Welcome to Scribd!

  • 94bdad00 Dc2d 4f39 927e 58618bb2d641 SSO Dashboard Field Definitions

    Uploaded by

    bombom
    61 views9 pages
    This document defines fields for configuring single sign-on (SSO) using SAML. It describes fields for inbound and outbound SAML configuration, including general properties, timestamps, certificates, URLs, and attribute mappings. Mandatory fields are noted. Default values are provided for many fields. The document is intended to help administrators understand and configure SSO dashboard settings.

    Original Description:

    SSO Dashboard Field Definitions

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document defines fields for configuring single sign-on (SSO) using SAML. It describes fields for inbound and outbound SAML configuration, including general properties, timestamps, certificates, URLs, and attribute mappings. Mandatory fields are noted. Default values are provided for many fields. The document is intended to help administrators understand and configure SSO dashboard settings.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    61 views9 pages

    94bdad00 Dc2d 4f39 927e 58618bb2d641 SSO Dashboard Field Definitions

    Uploaded by

    bombom
    This document defines fields for configuring single sign-on (SSO) using SAML. It describes fields for inbound and outbound SAML configuration, including general properties, timestamps, certificates, URLs, and attribute mappings. Mandatory fields are noted. Default values are provided for many fields. The document is intended to help administrators understand and configure SSO dashboard settings.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 9

    Single Sign On (SSO) Dashboard Field Definitions

    Inbound SAML
    General Properties
    Fields listed in bold are mandatory.

    Field Name Description Default Value


    SSO ID SSO ID is an integer value that uniquely identifies this SSO configuration. When creating Next integer value that is not
    a new SSO, the next available integer is displayed. This value can be overridden with already in use by the portal and
    any integer value that is not already in use for another SSO configuration within the environment.
    same environment.
    Upload Certificate Used to upload the client’s SAML certificate.
    Assertion Alternative to a certificate and rarely used. If you are uploading a certificate, this is not
    required.
    SAML Algorithm The version of SAML being used. SAML 2.0
    Timestamp format The value in this field should match the timestamp format in the client’s SAML yyyy-MM-ddTHH:mm:ss.fffZ
    response.
    Signed with Key
    Error URL Leave blank if using CSOD's Default Error URL: common/ssoerror.aspx or enter the Blank
    client provided URL.
    Logout URL Leave blank if using CSOD's Default Logout URL: common/ssologout.htm or enter the Blank
    client provided URL.
    Timeout URL Leave blank if using CSOD's Default Timeout URL: common/ssotimeout.htm or enter Blank
    the client provided URL.
    Skew in Seconds Should be a negative integer value; max. 0 and min. -120

    SSO Dashboard How To 1


    SP Initiated Options
    Fields listed in bold are mandatory.

    Field Name Description Default Value


    SP Initiated This checkbox enables SP Initiated SSO. Unchecked

    IDP URL Provided by the client. This field is mandatory if the SP Initiated option is selected.

    Signature Mode CSOD has two public certificates: SHA1 self-signed and SHA256 CA verified. Please SHA1 Self-Signed Cert
    select the one that meets the client’s requirements.

    Auth Request Issuer Leave blank if using default issuer value: https://techconsulting-stg.csod.com.

    Assertion Consumer Use ONLY if you want to override the default ACS URL with a specific URL stem. samldefault.aspx?ouid
    Service URL =433

    CSOD Private Key


    Password

    SAML Key

    Single Logout Settings


    Fields listed in bold are mandatory.

    Field Name Description Default Value


    Single Logout Unchecked

    IDP Logout URL Provided by the client. This field is mandatory if the Single Logout option is selected.

    Logout Response Issuer Leave blank if using default issuer value in logout response: techconsulting- SHA1 Self-Signed Cert
    stg.csod.com.

    SSO Dashboard Field Definitions 2


    Additional Settings
    Fields listed in bold are mandatory.

    Field Name Description Default Value


    Key Enter SSO parameter key. Multiple keys can be added at runtime.

    Default additional keys are:


    FollowSAMLSchemaOrder, PreserveWhiteSpace,
    UseCert, UserX509Cert and
    X509VerifySignatureOnly.

    Type Select a value from the dropdown.

    Position Enter position at which the parameter should be placed in


    token generated.

    Value Enter SSO parameter value.

    SSO Dashboard Field Definitions 3


    Outbound SAML
    General Properties
    Fields listed in bold are mandatory.

    Field Name Description Default Value


    SSO ID SSO ID is an integer value that uniquely identifies this SSO configuration. The value
    is populated once an outbound SSO provider is selected and cannot be overwritten.
    Outbound SSO Provider Select from the list of available providers.

    New SSO Provider Create a new service provider.

    ACS URL ACS URL of service provider as provided by client.

    Timestamp Format Select the client’s preferred timestamp format. yyyy-MM-ddTHH:mm:ss.fffZ

    Issuer Leave blank if using default issuer value: {0} If left blank, this field will automatically
    populate once the configuration is saved.
    Replace {0} with corp Issuer URL (e.g., https://qa-bstss01.csod.com)

    Signature Mode CSOD has two public certificates: SHA1 self-signed and SHA256 CA verified. Please SHA1 Self-Signed Cert
    select the one that meets the client’s requirements.

    Audience Enter service provider name if the client has not provided it. Leave blank if audience
    is the same as the outbound SSO provider.

    Expiration Date If the outbound SSO functionality needs to be deactivated after a certain date, enter
    the date here.

    SSO Dashboard Field Definitions 4


    Authentication Parameters
    Fields listed in bold are mandatory.

    Field Name Description Default


    Value
    User ID Enter the name of the SAML Attribute under which the value of user ID should appear as per client format.

    User Name Enter the name of the SAML Attribute under which the value of username should appear as per client format.

    Email Address Enter the name of the SAML Attribute under which the value of email should appear as per client format.

    First Name Enter the name of the SAML Attribute under which the value of first name should appear as per client format.

    Last Name Enter the name of the SAML Attribute under which the value of last name should appear as per client format.

    Middle Name Enter the name of the SAML Attribute under which the value of middle name should appear as per client format.

    Manager ID Enter the name of the SAML Attribute under which the value of manager ID should appear as per client format.

    User Division Enter the name of the SAML Attribute under which the value of user division should appear as per client format.

    User Location Enter the name of the SAML Attribute under which the value of user location should appear as per client format.

    Language Enter the name of the SAML Attribute under which the value of language should appear as per client format.

    Phone Home Enter the name of the SAML Attribute under which the value of home phone should appear as per client format.

    Phone Mobile Enter the name of the SAML Attribute under which the value of mobile phone should appear as per client format.

    SSO Dashboard Field Definitions 5


    SP Initiated Properties
    Fields listed in bold are mandatory.

    Field Name Description Default Value


    SP Initiated This checkbox enables SP Initiated SSO. Unchecked

    Authentication Request Provided by the client. This field is mandatory if the SP Initiated option is selected.
    Issuer

    Authentication Request Leave blank if using default authentication request destination value: {0}.
    Destination Here {0} replace with output of GetACSIssuerURL(ssoConfig, 1) function.
    E.g. https://qa-bstss01.csod.com/outboundsso.aspx?ou_id=-1650

    Upload Certificate This field is mandatory if the SP Initiated option is selected.

    Skip Signature Validation Check this if you want to disable validation of signature coming in authentication request. Unchecked

    Advanced Properties
    Fields listed in bold are mandatory.

    Field Name Description Default Value


    Signature Within Assertion Uncheck this if you want place the signature node at the same level as assertion and Checked
    not within it.

    Include Issuer in Response This field should only be used if requested by the client. Unchecked

    CSOD Private Key Password CSOD Private Key Password

    CSOD SAML Certificate Version

    SSO Dashboard Field Definitions 6


    Querystring Parameters
    Fields listed in bold are mandatory.

    Field Name Description Default Value


    Querystring Parameter Name Querystring Parameter Name

    SAML Attribute Name SAML Attribute Name

    Additional Settings
    Fields listed in bold are mandatory.

    Field Name Description Default Value


    Key Enter SSO parameter key. Multiple keys can be added at runtime.
    If keys are added, this field is required.
    Default additional keys are: Default Additional keys are
    AssertionNamespaceAlias, AuthnContextClassRef,
    AuthnRequestNamespaceAlias, AuthnRequestTimeframe,
    IssuerNamespaceAlias, RelaystateParamName,
    ResponseNamespaceAlias, SAMLAssertion, SAMLResponse,
    SubjectConfirmationMethod, Timeframe and Version.

    Type If keys are added, this field is required.

    Position Enter position at which the parameter should be


    placed in token generated.

    Value Enter SSO parameter value.

    SSO Dashboard Field Definitions 7


    Inbound AES
    General Properties
    Fields listed in bold are mandatory.
    Field Name Description Default Value

    SSO ID SSO ID is an integer value that uniquely identifies this SSO configuration. When creating a Next integer value that is
    new SSO, the next available integer is displayed. This value can be overridden with any not already in use by the
    integer value that is not already in use for another SSO configuration within the same portal and environment.
    environment.

    Manual Key Input Select this filed to manually input the Encryption Key and Initialization Vector for the AES Unchecked
    SSO configuration.

    Regenerate Key Pair Click on this button to generate a new random Encryption Key and Initialization Vector for Unchecked
    (available when editing) this SSO configuration. This will take effect on Save.

    Push Keys to FTP Click on this button to push the Encryption Key and Initialization Vector to the client portal N/A
    (available when editing) environment FTP.

    Encryption Key Encryption Key is a system generated key used to authenticate the SSO. This is masked for System generated
    security, but will be sent to the portal environment FTP when the SSO is saved. The random value
    information can also be pushed manually by clicking on the Push Keys to FTP button.

    Initialization Vector This field contains the system generated key used to authenticate the SSO. This is masked System generated
    for security, but will be sent to the portal environment FTP when the SSO is saved. The random value
    information can also be pushed manually by clicking on the Push Keys to FTP button.

    Error URL Leave blank if using CSOD's Default Error URL: common/ssoerror.aspx or enter the client Blank
    provided URL.

    Logout URL Leave blank if using CSOD's Default Logout URL: common/ssologout.htm or enter the client Blank
    provided URL.

    SSO Dashboard Field Definitions 8


    Timeout URL Leave blank if using CSOD's Default Timeout URL: common/ssotimeout.htm or enter the Blank
    client provided URL.

    Additional Settings
    Fields listed in bold are mandatory.

    Field Name Description Default Value


    Key Enter SSO parameter key. Multiple keys can be added at runtime.

    Default additional keys are: FollowSAMLSchemaOrder,


    PreserveWhiteSpace, UseCert, UserX509Cert and
    X509VerifySignatureOnly.

    Type Select a value from the dropdown.

    Position Enter position at which the parameter should be placed in


    token generated.

    Value Enter SSO parameter value.

    Sample Code
    Available when editing. Fields listed in bold are mandatory.

    Field Name Description Default Value


    Language Select the language for the sample code. Code can be provided in C#, PHP, or Java. C#

    Download Click on this button to download the SSO sample code. N/A

    Push to FTP Click on this button to send the SSO sample code to the client’s FTP site. N/A

    SSO Dashboard Field Definitions 9

    You might also like