SAML

Security Assertion Markup Language (SAML) allows members to log into multiple applications with one set of credentials. Most organizations already know the identity of members because they are logged into their Active Directory domain or intranet. SAML uses this information to log members into Officevibe. This single sign-on (SSO) login standard has advantages over logging in using a username/password:

  • No need to type in credentials.
  • No need to remember and update passwords.
  • No weak passwords.
  • Use Force SSO if you activate SAML. 

If you are using Azure AD or Google, we recommend you connect using their respective SSO options.

Configuration and parameters

You must reach out to Officevibe support to configure SAML. Before reaching out, please ensure:

  • You have created your SAML 2.0 application so that you can provide us your SAML metadata. You must provide:
    • Issuer URL.
    • Certificate (SHA-256 signature algorithm).
  • The NameID format must be persistent.
    • The value/username must be email.
  • You add the attribute/parameter http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress .
    • The value must be email.

When you configure the application in your IdP (Identity Providers), you will need to enter URL values that only we can provide once we receive your issuer URL and your certificate. In the meantime, add https://www.placholder.com as the value to complete the creation of your app.

Once this is done, please fill out this request form to get in touch with our Support team to provide them with your metadata. We will register your IdP in our system and send you back the URLs you need to complete your application's configuration.

Limitations

  • We only support SAML 2.0.
  • We only support the IdP Initiated flow (there is no user-friendly URL to authenticate users).
  • There is no Single Log Out (a user logging out of Officevibe will not be logged out of the system running the SAML authentication).
  • Authentication requests must be signed with the SHA-256 algorithm.

If your organization wants to authenticate with O365 GCC High, you must use SAML. 

Cost

SAML is accessible for members of Officevibe's Pro Plan at no additional cost. 

 

Other SSO Options: 

Share