Skip to main content
Skip table of contents

Integration of Single Sign-on (SSO) using SAML

Read this article in: Deutsch, Français, Dutch

Setting up Single Sign-on (SSO) makes it easy for your users to log in and use the e-learning platform. Let’s take you through the steps needed to set up SSO.

Prerequisites

To get started, the following things are needed:

  • An active Azure Entra ID subscription

  • An active SoSafe license

  • You must have created an application and assigned users as shown in the SCIM instructions in steps 1 and 2.

Preparation

This process requires some back and forth between you and your SoSafe contact person. Before you can set up SSO in your Azure portal, you must provide SoSafe with your Tenant ID. We will then generate certain URLs that will be needed later on.

To find your Tenant ID, goto https://portal.azure.com/ and select Microsoft Entra ID, followed by Properties. You might have to scroll down a bit to find the Tenant ID box.

saml1.png

Setup

Once you’ve completed the preparation phase, the setup is fairly straightforward.

  1. Go to the Azure portal, select Enterprise applications and go to the SoSafe application.

  2. Here, select Manage and then Single Sign-On.

  3. Select SAML as the Single sign-on method.

  4. On the page Set up Single Sign-On with SAML, select Edit. A new dialog will open.

    saml2.jpeg
  5. Here, you will need to enter the URLs provided to you by your SoSafe contact person.

    1. In the Identifier (Entity ID) text box, enter the corresponding URL.

    2. In the Reply URL (Assertion Consumer Service URL) text box, enter the corresponding URL. It should look roughly like this: https://api.sosafe.de/v1/auth/saml/consume/

    3. In the Sign on URL text box, enter the corresponding URL. It should look roughly like this: https://api.sosafe.de/v1/auth/saml/login/<your Azure Tenant ID>  

    4. In the Logout Url text box, enter the corresponding URL. It should look roughly like this:
      https://api.sosafe.de/v1/auth/saml/logout/<Your Azure Tenant ID>

      saml3.jpeg

  6. Select Save.

  7. (Optional, but recommended:) Send the App Federation Metadata URL (found in section 3) to your SoSafe contact person.

  8. (Optional, but recommended:) Test the setup.

Alternate method

  1. Follow the the first 2 steps in the instructions above.

  2. On the Set up single sign-on with SAML page, scroll to the SAML Signing Certificate section and select Download next to Certificate (Base64).

    image-20240215-091554.png
  3. On the same page, scroll to Set up SoSafe and copy the 3 links provided there (Login URL, Azure Entra ID Identifier and Logout URL).

    image-20240215-091558.png
  4. Send those links alongside the contents of the certificate file from step 2 (you can open the certificate with a text editor) to your SoSafe contact person. They will then add that information to our systems and get back to you once that has happened.

  5. (Optional, but recommended:) Test the setup.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.