In This Article |
This article contains the basic steps required to configure a SAML 2.0 Identity Source, with the value being authentication into Clearlogin from another SSO provider (Okta, Onelogin, etc.). Clearlogin will appear as a tile/icon within your SSO provider of choice when using this method.
Your SSO provider becomes the identity provider for Clearlogin, henceforth you need the following attributes associated with the user accounts on your SSO provider:
On the SAML 2.0 configuration page, fill in the following fields:
Display Name | EXAMPLES
|
---|---|
User Domain | EXAMPLES
|
Access Tag | < leave blank > |
Priority | When you have multiple identity sources, this number tells Clearlogin which identity source to query first when a user signs in. If two or more identity sources have the same priority number, Clearlogin will query the identity source with the oldest creation date first and the newest creation date last. 1 (highest priority) - 10 (lowest priority) |
Timeout | The amount of time Clearlogin will wait for a response from the identity source. 10 seconds (default) |
Single Sign-On URL | The SSO provider's Single Sign-On URL. It is also referred to as the "SAML Endpoint". |
Issuer URI | This is often referred to as the Entity ID or simply "Issuer." The assertion will contain this information, and the SP will use it as verification. |
Signature Certificate (X.509 Certificate) | Copy and paste this in from your SSO provider. |