Support for SAML.

Hi Nate,

Would this be a SAML integration for a single account? If so, I might have some documentation that could help you get started.

Luke

I am talking about using SAML assertion for single sign on of all our customers.

We are deploying a SAML based identity portal (VMware's Horizon) for Office365, Citrix Netscaler, SharePoint, Blackboard, ERP Systems, OWA, Salesforce ...etc.

I have been told that there are ways to incorporate non SAML assertion SSO mechanisms into the portal but it is always much nicer if it is naively supported by the app.

On a call with the dev's 8 months or so ago I was told it was on the way. I am also going to reach out to our account manager on this one.

SAML is available for technicians (but very much beta), but not the customer portal at the moment.

Can you provide instructions on implementing SAML for techs?

Is SAML still in beta?
Will it be available for customers?

Our service desk is internal support only for a single AD DS domain and unfortunately with IIS and windows integrated auth customers have to have domain joined machines, browser integrated auth support, and they need to be on the internal network. Customers are not always in the office and on a domain joined machine; therefore they cannot access the service desk to submit incidents. VERY DISAPPOINTING.

Our existing service desk that we are replacing supports web SSO via AD FS so this is going to be tough for our customers.

I just wish that I had not been told SAML was on the way. We will now likely have to pay for a custom module in order to support the current authentication method in our portal. Either that or just move to a different product. There is a huge student driven emphasis right now on simplifying web application access.

I am not sure what I'm going to do at this point. Sort of in a bind. I am going to check with my account manager on this. I'll have to address this with our CIO and possibly get a refund. Sort of sad cause I love the product.

Luke - can you please update us here. Thanks...

Brenden,

One of my engineers forwarded me an email conversation that he had with our account rep in March.

Apparently they do support SAML. We were given an internal document on how to configure OneLogin to do SAML auth to G2A.

Just talk to your account rep. They will need to have it enabled for you.

We havn't actually tried to use it yet. I would be interested to know how it works for you.

Nate- thanks a bunch. I spoke to a level 2 support for G2A yesterday and they provided the documentation for configuring WebSSO / SAML 2.0. Although AD FS is not technically a compatible IDP it is listed and should work.

I'm told it works with named techs only but it sounds like it will also work with customers. Admins can enable SSO but did your account rep have to enable it for customers?? I'm wondering how that is going to work as techs and customers have different portals.

We havn't moved forward yet with even enabling it. I'm really suprised that it doesn't support WSFED.

I don't know about the techs vs customers. I assumed that it was for customers but I should have that clarified. I honestly don't care about our technicians signing in through an SSO portal. The whole idea of the portal is to enhance our student experience.