Single Sign-On
Following you will find information and setup instructions for SAML based Single Sign-On with Commanders Act.

Overview

Commanders Act supports SAML 2.0 based Single Sign-On authentication and authorisation.
Swimlane diagram of the Single Sign-On functionality.

Setup

To setup Single Sign-On Commanders Act requires the metadata.xml of the IDP or following information:
  • Single Sign-In Endpoint
  • Single Sign-Out Endpoint
  • EntityId of the IDP
  • Public key of the IDP (X509 certificate)
Please contact a Commanders Act consultant to initiate the setup. You will then receive a namespace parameter <name> and the site id <id_site> used in following SAML Endpoints and SAML Attributes.

SAML Endpoints

Following you will find an overview of the SAML API endpoints used by Commanders Act.
SP Entity ID/Partner's Realm commanders-act

SAML Attributes

Following SAML attributes are currently supported. It is required to send the email attribute.
Attribute
Description
Type
firstname
User first name
optional, default empty ''
lastName
User last name
optional, default empty ''
email
User email
required
companyName
Company name
optional, default empty ''
jobTitle
Job title
optional, default empty ''
mobileNumber
Mobile phone number
optional, default empty ''
lang
User language code
optional, default empty ''
commandersact_<id_site>
Applied user profile
optional, Possible values:
  • administrator
  • technical
  • marketing
  • custom
  • readOnly
  • partnerAdmin
  • partner

FAQ

How long is the SAML session duration? 1440 seconds.
Which protocol is used for Single Sign-On? SAML 2.0
Last modified 2yr ago