This article lists general information for using and setting up Single Sign-On (SSO) via Security Assertion Markup Language (SAML) 2.0.
- Setting up Single Sign-On via SAML 2.0 in Meisterplan
- Login via SSO
- Updating the Configuration
- Single Sign-On via SAML 2.0 allows users to log in to Meisterplan via user accounts configured with the connected identity provider.
- Please note that users also need Meisterplan user accounts to be able to log in. The same username must be used in Meisterplan and for your identity provider.
- Various SAML 2.0 compliant identity providers are supported, such as:
- Azure Active Directory (Azure AD)
- Ping Identity
- This is a self-service guide to configure SSO via SAML 2.0 in Meisterplan.
- Knowledge about SAML 2.0, SSO and the specifics of configuring your identity provider are presupposed.
- Single Sign-On in Meisterplan supports SAML 2.0 only.
- Meisterplan supports Service Provider (SP) initiated SSO only. Identity Provider (IdP) initiated SSO is not supported.
Setting up Single Sign-On via SAML 2.0 in Meisterplan
Proceed as follows to set up Single Sign-On via SAML 2.0 in Meisterplan:
- Log in to Meisterplan as an Administrator.
- In sidebar, under Manage, open the Users view.
- Click the Configure SAML toolbar button to open the Configure SAML dialog.
- Click at SAML enabled.
This will display the Identity Provider Settings and Service Provider Data sections:
Identity Provider Settings
Enter the Identity Provider Settings retrieved from your identity provider:
- Identity Provider Entity ID (this may also be referred to as the "issuer")
- SSO URL (Single Sign-On URL)
- SLO URL (Single Log-Out URL)
- X.509 Certificate (public key - different identity providers may use different names)
Service Provider Data
Some identity providers allow access by any service using valid credentials.
Others, however, require service providers (such as Meisterplan) to be registered with a Login Response URL and Entity ID.
In this case, depending on how this is done with your identity provider, you may either copy & paste these data from the relevant fields or use the Download Metadata XML File link if your identity provider supports an XML import of the data.
Completing the Setup
After entering Identity Provider Settings in Meisterplan and, if required, Service Provider Data on your identity provider's side, click the Save Configuration button to complete the setup.
Login via SSO
Updating the Configuration
Follow these steps if you need to update the Single Sign-On (SSO) configuration, e.g. when switching to another identity provider.
Step 1: In Meisterplan, enter the new Identity Provider Settings (see the Identity Provider Settings section) and confirm by clicking Save Configuration.
Step 2: In the admin panel of your Identity Provider, enter Meisterplan's Service Provider Data (see the Service Provider Data section).