Welcome to our guide on integrating Single Sign-On (SSO) using Secure Assertion Markup Language (SAML) with Re-Leased. Single Sign-On streamlines the login process, allowing users to access a suite of applications, including Re-Leased, by signing in just once through their company's authentication system. This article will walk IT professionals through the process of enabling SAML SSO in Re-Leased to provide a seamless and efficient login experience for their users.
Understanding How SAML SSO Works Within Re-Leased
SAML SSO within Re-Leased functions as it does with any SAML-compatible service provider. By setting up a trust relationship between Re-Leased and your Identity Provider (IdP), such as Active Directory or LDAP, authenticated users can access Re-Leased without the need for repeated sign-ins, enhancing security and convenience.
Prerequisites for Enabling SAML SSO
To activate SAML SSO for Re-Leased, ensure the following requirements are met:
- The SSO feature is included in your current Re-Leased plan. If uncertain, please get in touch with our sales team.
- Your company operates a SAML server that manages user authentication, which can be an in-house solution or a cloud-based service.
- All traffic to Re-Leased must be secured via HTTPS protocol.
- Gather crucial setup details including the SAML server's remote login URL and the SHA2 fingerprint of the SAML certificate.
Configuring SAML SSO for Your Re-Leased Account
To enable SAML SSO, follow these steps:
- Login to your Re-Leased account with administrator privileges.
- Navigate to the top and select Settings, then choose Manage Single Sign On.
- Set SAML Sign-on mode to Enabled. Selecting Enforced will make SSO the only login method.
- In the Sign-on Url field, input your IdP's remote login URL.
- Provide the SAML Public Key by entering the Certificate fingerprint, ensuring secure communication with your SAML server.
- Optionally, specify Auto-provisioning domains to automatically create user accounts with matching email domains in Re-Leased.
- Confirm proper attribute mapping for auto-provisioning, specifically for first and last names of users.
- Document the Audience URI, ACS URL, and Sign-on URL provided by Re-Leased, and share these with your IT team for IdP configuration.
- Finalize your settings by clicking Save.
By implementing these steps, you will activate SAML SSO, allowing users to access Re-Leased quickly and securely with their corporate credentials.
For Azure AD users, a detailed guide to configuring SSO to work with Azure AD can be found here.