Overview


Previously, site admin had been able to add SAML Identity Providers that allowed 3rd Party Application Dashboards to authenticate users to Microsites via SAML 2.0 SSO. For example, Gsuite Admin have used this feature to set up custom G-Suite Applications for microsites. 


Today, SAML enabled sites will be able to add multiple SAML Identity Provider buttons to their own microsite homepages that allow educators to use SAML based 3rd party applications to login. For example, instead of having to go to the Gsuite Application Dashboard to login to a microsite, Gsuite users will be able to click the "Sign in" button on the microsite and select which institutional credentials they'd like to login with. 


Add New SAML Identity Provider

  1. Contact your Identity Provider Admin and obtain the following information: 
    1. URL where IdP metadata can be accessed
    2. Redirect URL where the microsite SAML Service Provider should send authentication requests
    3. Whether the IdP signs Assertions, Responses, or both
    4. What the email address attribute is named in the IdP Authentication Response
    5. What name (first and last) attribute is named in the IdP Authentication Response 
  2. Navigate to Admin -> SAML -> Identity Providers
  3. Click the grey "Add Identity Provider+" button in the top right hand corner of the /admin/core_saml/identityprovider/ page
  4. Enter information obtained from the Identity Provider Admin
  5. Click "Save" 
  6. Contact your Identity Provider Admin and provide them with the following information displayed in your site admin:
    1. Entity ID
    2. Login URL 
    3. ACS URL 
  7. Once your Identity Provider Admin confirms these values have been entered successfully, your new Institutional Login method will be ready to use


Verify New Login Options on your Homepage

  1.  Navigate to your homepage
  2. Make sure you are signed out
  3. Click "Sign" button
  4. If you have 1-3 identity providers registered, you should see 1-3 buttons that say "Login with you [name of identity provider] Account" 
  5. If you have 3 or more identity providers registered, you should see a drop down menu where users can select which Institution they would like to log in with