23. Manage SSO Settings
- Graham Kennedy
Manage SSO Settings
This page will show If Single-Sign-On (SSO) has been enabled for your organization, And you have been granted access to Manage SSO Settings as an Admin.
These parameters provide the ability for an organization to setup the Single Sign-On options for their own organization, without needing to rely on SkillsTX.
These settings are ONLY for identity SSO/Identity Management experts NOT for general administrators.
It's important to note that the specific steps and configurations may vary depending on the the IDP being used, and any additional security requirements you have. Many modern applications leverage standards like SAML (Security Assertion Markup Language) or OAuth/OpenID Connect to facilitate the SSO process with Active Directory.
Parameter | Values | Description |
|---|---|---|
SSO SAML Enabled |
| Whether or not SSO is to be enabled |
Do you want to restrict logins to SSO ONLY |
| When set to No, both the Email/password option and SSO will be available for login When set to Yes, the option to Login using Email/Password will not be available on the Login page.
|
(NOTE: When the above parameter set to Yes, it will prevent access by external parties, who may be providing support, to access your SkillsTX environment) | ||
Do you want to bypass the Login Page |
| This provides the ability for automatic login when the SkillsTX URL is selected without the need to press the SSO Login button. Only becomes Active if Do you want to restrict logins to SSO ONLY = Yes = No - The Login page will display, and the User will be required to use the SSO Login button to Login. = Yes - When the User selects your SkillsTX instance URL, it will log them in automatically using their Login credentials as defined for SSO |
SSO SAML EntityId | EntityID | e.g. https://yourorg.skillstx.app/saml |
SSO SAML Claim Email Address | Required to use the Login with SkillsTX | A "claim" is a piece of information about a user that is provided by the Identity Provider (IDP) to the Service Provider (SP) during the authentication process. In the case of the "Email Address" claim, it means that the IDP will include the user's email address as part of the SAML assertion sent to the SP. The SAML assertion is a digitally signed XML document that contains information about the user's identity and other relevant details. |
AUTO - MANUAL |
|
|
SSO SAML IP Metadata Address |
| The "federationmetadata.xml" is an XML file that contains metadata information about an Identity Provider (IDP) or a Service Provider (SP) in the context of federated identity management and Single Sign-On (SSO) using SAML (Security Assertion Markup Language) or WS-Federation protocols. Identity Provider (IDP) Metadata address for your organization |
SSO SAML Metadata Address |
| Usually this will be in the format of the SkillsTX Login URL that has been provided for your organization + “saml/metadata” e.g. https://yourorg.skillstx.app/saml/metadata |
Once a change has been made to any of the parameters the Update Settings and Reset buttons will become active.
To update the settings with your changes use the Update Settings button
To revert back use the Reset button
Related Help pages