24. Manage SSO Settings

Manage SSO Settings

This page will show If Single-Sign-On (SSO) has been enabled for your organization, And you have been granted access to Manage SSO Settings as an Admin.

These parameters provide the ability for an organization to setup the Single Sign-On options for their own organization, without needing to rely on SkillsTX.

These settings are ONLY for identity SSO/Identity Management experts NOT for general administrators.

It's important to note that the specific steps and configurations may vary depending on the the IDP being used, and any additional security requirements you have. Many modern applications leverage standards like SAML (Security Assertion Markup Language) or OAuth/OpenID Connect to facilitate the SSO process with Active Directory.

image-20240108-224003.png

 

Parameter

Values

Description

SSO SAML Enabled

  • True

  • False

Whether or not SSO is to be enabled

Do you want to restrict logins to SSO ONLY

  • No

  • Yes

When set to No, both the Email/password option and SSO will be available for login

When set to Yes, the option to Login using Email/Password will not be available on the Login page.

 

(NOTE: When the above parameter set to Yes, it will prevent access by external parties, who may be providing support, to access your SkillsTX environment)

Do you want to bypass the Login Page

  • No

  • Yes

This provides the ability for automatic login when the SkillsTX URL is selected without the need to press the SSO Login button.

Only becomes Active if Do you want to restrict logins to SSO ONLY = Yes

= No - The Login page will display, and the User will be required to use the SSO Login button to Login.

= Yes - When the User selects your SkillsTX instance URL, it will log them in automatically using their Login credentials as defined for SSO

SSO SAML EntityId

EntityID

e.g. https://yourorg.skillstx.app/saml

SSO SAML Claim Email Address

Required to use the Login with SkillsTX

A "claim" is a piece of information about a user that is provided by the Identity Provider (IDP) to the Service Provider (SP) during the authentication process.

In the case of the "Email Address" claim, it means that the IDP will include the user's email address as part of the SAML assertion sent to the SP. The SAML assertion is a digitally signed XML document that contains information about the user's identity and other relevant details.

AUTO - MANUAL

  • AUTO

  • MANUAL

 

SSO SAML IP Metadata Address

 

The "federationmetadata.xml" is an XML file that contains metadata information about an Identity Provider (IDP) or a Service Provider (SP) in the context of federated identity management and Single Sign-On (SSO) using SAML (Security Assertion Markup Language) or WS-Federation protocols.

Identity Provider (IDP) Metadata address for your organization

SSO SAML Metadata Address

 

Usually this will be in the format of the SkillsTX Login URL that has been provided for your organization + “saml/metadata”

e.g. https://yourorg.skillstx.app/saml/metadata

Once a change has been made to any of the parameters the Update Settings and Reset buttons will become active.

  1. To update the settings with your changes use the Update Settings button

  2. To revert back use the Reset button

 


Related Help pages