Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 12 Next »

Manage SSO Settings

This page will show If Single-Sign-On (SSO) has been enabled for your organization, And you have been granted access to Manage SSO Settings as an Admin.

These parameters provide the ability for an organization to setup the Single Sign-On options for their own organization, without needing to rely on SkillsTX.

These settings are ONLY for identity SSO/Identity Management experts NOT for general administrators.

It's important to note that the specific steps and configurations may vary depending on the the IDP being used, and any additional security requirements you have. Many modern applications leverage standards like SAML (Security Assertion Markup Language) or OAuth/OpenID Connect to facilitate the SSO process with Active Directory.

image-20240108-224003.png

Parameter

Values

Description

SSO SAML Enabled

  • True

  • False

Whether or not SSO is to be enabled

Do you want to restrict logins to SSO ONLY

  • No

  • Yes

When set to No, both the Email/password option and SSO will be available for login

When set to Yes, the option to Login using Email/Password will not be available on the Login page.

(NOTE: When the above parameter set to Yes, it will prevent access by external parties, who may be providing support, to access your SkillsTX environment)

Do you want to bypass the Login Page

  • No

  • Yes

This provides the ability for automatic login when the SkillsTX URL is selected without the need to press the SSO Login button.

Only becomes Active if Do you want to restrict logins to SSO ONLY = Yes

= No - The Login page will display, and the User will be required to use the SSO Login button to Login.

= Yes - When the User selects your SkillsTX instance URL, it will log them in automatically using their Login credentials as defined for SSO

  • Users must use the correct SkillsTX login url e.g.

    • https://yourorg.skillstx.com/login or

    • https://yourorg.skillstx.com/SfiaProfile

  • If a User uses the Logout link, it will immediately log them back in, so they will need to close the browser or select another URL to exit the session.

  • The Login Page& SSO Login button may display momentarily, but then the system will automatically login using the Users Login credentials.

SSO SAML EntityId

EntityID

e.g. https://yourorg.skillstx.app/saml

SSO SAML Claim Email Address

Required to use the Login with SkillsTX

A "claim" is a piece of information about a user that is provided by the Identity Provider (IDP) to the Service Provider (SP) during the authentication process.

In the case of the "Email Address" claim, it means that the IDP will include the user's email address as part of the SAML assertion sent to the SP. The SAML assertion is a digitally signed XML document that contains information about the user's identity and other relevant details.

AUTO - MANUAL

  • AUTO

  • MANUAL

SSO SAML IP Metadata Address

The "federationmetadata.xml" is an XML file that contains metadata information about an Identity Provider (IDP) or a Service Provider (SP) in the context of federated identity management and Single Sign-On (SSO) using SAML (Security Assertion Markup Language) or WS-Federation protocols.

Identity Provider (IDP) Metadata address for your organization

SSO SAML Metadata Address

Usually this will be in the format of the SkillsTX Login URL that has been provided for your organization + “saml/metadata”

e.g. https://yourorg.skillstx.app/saml/metadata

Once a change has been made to any of the parameters the Update Settings and Reset buttons will become active.

  1. To update the settings with your changes use the Update Settings button

  2. To revert back use the Reset button

On this page:



Related Help pages

  • No labels