Here at Forest, we allow users to setup SSO on their own. They'll need to input their Entity ID along with their Single Sign On service endpoint in the the text fields contained within the image below:
Setting up SSO from the Admin area:
Info for Client (Identity Provider):
- See below Service Provider Metadata for URL and name specification.
- SAML Response Assertions:
- "email" - required unique user email
- "first_name" - [String] optional user first name
- "last_name" - [String] optional user last name
- "active" - [Boolean] optional to disable user access
Forest SAML Service Provider Metadata
Note: Replace [ENTER FOREST SUBDOMAIN] with your company's subdomain.
<?xml version="1.0"?> <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML: 2.0:metadata" entityID="forest-software" ID="forest-software"> <md:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML: 2.0:protocol"> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML: 2.0:bindings:HTTP-Redirect" Location="https://[ENTER FOREST SUBDOMAIN].forestsoftware.com/logout"/> <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid- format:unspecified</md:NameIDFormat> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML: 2.0:bindings:HTTP-POST" Location="https://[ENTER FOREST SUBDOMAIN].forestsoftware.com/auth/sso" index="1" isDefault="true"/> </md:SPSSODescriptor> <md:ContactPerson contactType="technical"> <md:GivenName>Jake Elia</md:GivenName> <md:EmailAddress>jelia@forestsoftware.com</md:EmailAddress> </md:ContactPerson> <md:ContactPerson contactType="support"> <md:GivenName>Jake Elia</md:GivenName> <md:EmailAddress>jelia@forestsoftware.com</md:EmailAddress> </md:ContactPerson> </md:EntityDescriptor> |
Comments
0 comments
Please sign in to leave a comment.