Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Setting up SAML2 integration is a multi-step process that involves effort from both the customer’s and MeetingPulse’s engineering teams. It consists in working with the Identity Provider (IdP) that the customer handles and authorizing this provider in MeetingPulse, which acts as a Service Provider (SP).

 

Setting up your SAML2 SSO

Prerequisites

  • A third-party Identity provider (OKTA, Azure, etc.)

  • A tenant created in the identity provider environment

Set-up 

  • Use our manifest (https://app.meet.ps/api/auth/saml2 ) to set up support for our SP at your side.

  • Sets up the integration using the UI specific to your Identity Provider. Steps will vary depending on the third party; below is an example of an Azure setup.

  • Once the setup is completed on your end, please provide your IdP manifest to us, either as an XML file or as a link to it. The latter benefits from auto-updates if you need to make subsequent corrections to your configyour IdP manifest.

  • We will then white-list your integration to finalize the SAML Integration on our end.

Testing 

  • You should be able to see MeetingPulse in your list of apps in your SAML portal.

  • Alternatively, you can test the integration by visiting the login link:
    https://app.meet.ps/api/auth/saml2/login/<customer-alias>
    * customer alias will be provided by us

 

Example - SAML2 SSO with MS Azure

Prerequisites

  • A Microsoft Azure account

  • A tenant created in the Azure environment

  • Access to Azure Active Directory

Set-up 

  1. Login to your Azure account as an Admin; verify that you have your correct tenant.


  1. Go to >> Enterprise applications >> Create your own application >>  Integrate any other application you don't find in the gallery to create a new custom integration.

  2. Navigate back to Enterprise applications to find the newly-created application. It will have a quick-start list of options to do.

  3. Make sure to set up the list or groups of users who should have access to use your application, as it’s set to restricted by default.

  4. Go to Set up Single Sign-On with SAML (fig. 1), and upload the MeetingPulse XML file from https://app.meet.ps/api/auth/saml2 for basic configuration.

    Alternatively, you can set up the configuration manually, specifically:

  1. In the Attributes & Claims section (fig. 2), make sure to set up the following:

  • Set the Email attribute to your user emails.

  • Set FirstName and LastName to match the first and last names of your users. (You can also define FirstName only, LastName is optional)

  • Make sure that no namespace is set for the attributes mentioned above (Email, FirstName, LastName).

  • Set a Unique user identifier to a Persistent format. (Recommended “user.objectid” as a source attribute).

  • Finally, share the App Federation Metadata URL with MeetingPulse Support to whitelist the integration.

...