Security Assertion Markup Language (SAML) is a standard for logging users into applications based on their session in another context. This has significant advantages over logging in using a username/password: no need to type in credentials, no need to remember and renew password, no weak passwords, etc. Your company already know the identity of users because they are logged into their Active Directory domain or intranet. It is natural to use this information to log users into EloView Cloud Portal. EloView SAML Configuration enables your technology to be more efficient.
To enable SAML configuration
- After login, click to Account > Account Settings
- Select SAML tab
- Click on "Add"
- You will get the form to fill entries
Follow the steps to fill up the above form
- Create onelogin/Okta developer account and setup application.
- Login to your SAML developer Account.
- Switch to the SSO Tab.
- Copy the SAML 2.0 Endpoint (HTTP) property and paste it to SAML Login URL field of SAML configuration from in EloView.
- Copy the SLO Endpoint (HTTP) property and paste it to SAML Logout URL field of SAML configuration form in EloView.
- Under the X.509 Certificate, click on view Details .. It will open another page.
- Copy the X.509 certificate without the Begin certificate and End certificate headers and footers.
- Put the copied lines in the SAML IDP Certificate entry in EloView.
- Add multiple domains and users also here.
- Click on Apply to save changes.
Once you will save the changes, you will get 3 urls
- ACS (Consumer) URL Validator
- ACS (Consumer) URL
- Note down all these urls and setup in your SAML developer account.
- Add Parameters also in developer account named as: firstName, lastName, email.
*Parameter names must be the same as mentioned above or else you won't get data in EloView portal.
API token for SSO (SAML) based logins
Customers who want to restrict login to SSO/SAML will also have the option to use API tokens or non-user password based authentication. The optional authentication method will leverage our DevZone sessions, API and authentication token. Client ID/Client Secret is generated from “User Profile” and this is used to create the authentication token. Login will now default to “Disabled” when Single Sign-on is Enabled. Implementing this in conjunction with SSO (SAML) will improve login experience and security.
Go to > “User Profile” > “Generate oAuth Credentials” to generate clientid and clientSecret. Then Go to “Dev Zone” > “API” > “Authentication” > insert “clientid and clientSecret” in respective field to generate authentication token (authPayload value).