Using your existing identity provider, the workflow your users would experience is the following:
- The user browses to your organizations identity portal and signs-in using his credentials for that portal.
- The portal identifies and verifies the user.
- The user triggers a sign-in to Skeddly. This initiates a SAML authentication response which navigates the user to Skeddly.
- Skeddly verifies the SAML authentication response, and after verification, signs the user into the Skeddly account.
Popular Identity Providers
- Active Directory Federation Service: 2611175-configuring-single-sign-on-with-active-directory-federation-services
- OneLogin: 2611119-configuring-single-sign-on-with-onelogin
- Okta: 2612072-configuring-single-sign-on-with-okta
- Google Apps
Generic Identity Provider ConfigurationDepending on your Identity Provider, these steps may need to be reordered.
Step 1: Obtain your Identity Provider's SAML Metadata DocumentIn order to proceed to step 2, you will need to obtain a SAML metadata document from your IdP.
This document is an XML file that includes the following:
- Your Identity Provider's issuer name
- Certificate public keys
Step 2: Create an Identity Provider in SkeddlyPlease follow these instructions to create your Skeddly Identity Provider.
Step 3: Add Skeddly to your Identity ProviderAdd Skeddly as an application to your Identity Provider, as per your Identity Provider's instructions. If possible, import the Skeddly service provider metadata document from the following URL:
SAML Assertion Response RequirementsSigned: All SAML assertion responses must be signed using your IdP's signing key.
Audience: The audience must be set to "https://app.skeddly.com/".
NameId: The name ID must be present.
Assertion Consumption Endpoint: https://app.skeddly.com/sso/saml/ (POST only)
This attribute must be a comma-separate list of the following:
- One and only one SRN of your Skeddly identity provider. This can be copied from your identity provider's "view" page in your Skeddly account.
- One or more SRNs of Managed Policies to be applied to the user when they are signed-in. These SRNs can be found in the Managed Policies pages in your Skeddly account.
Use this attribute to override the name displayed in Skeddly after the user is signed-in. By default, the NameId value is used. But if you want a more friendly name shown, use this attribute to override it.