Single Sign-On

Search…

Overview

Knowledge Base

User management

Single Sign-On

Two-factor authentication (2FA)

Rest API

TIPS & TRICKS

ONSITE API

Single Sign-On

Following you will find information and setup instructions for SAML based Single Sign-On with Commanders Act.

Overview
Commanders Act supports SAML 2.0 based Single Sign-On authentication and authorisation. 
Swimlane diagram of the Single Sign-On functionality.
Setup
To setup Single Sign-On Commanders Act requires the metadata.xml of the IDP or following information:
Single Sign-In Endpoint
Single Sign-Out Endpoint
EntityId of the IDP
Public key of the IDP (X509 certificate)
Please contact a Commanders Act consultant to initiate the setup. You will then receive a namespace parameter <name> and the site id <id_site> used in following SAML Endpoints and SAML Attributes.
SAML Endpoints
Following you will find an overview of the SAML API endpoints used by Commanders Act. 
ACS URL/Endpoint URL 
https://platform.commandersact.com/saml2-acs/<name>​
Login URL 
https://platform.commandersact.com/saml/<name>​
SP Entity ID/Partner's Realm
commanders-act
SAML Attributes
Following SAML attributes are currently supported. It is required to send the email attribute. 
Attribute
Description
Type
firstname
User first name
optional, default empty ''
lastName
User last name
optional, default empty ''
email
User email
required
companyName
Company name
optional, default empty ''
jobTitle
Job title
optional, default empty ''
mobileNumber
Mobile phone number
optional, default empty ''
lang
User language code
optional, default empty ''
commandersact_<id_site>
Applied user profile
optional, Possible values:
administrator
technical
marketing
custom
readOnly
partnerAdmin
partner
FAQ
How long is the SAML session duration?
1440 seconds.
Which protocol is used for Single Sign-On?
SAML 2.0
​
​

Knowledge Base - Previous

User management

Next - Knowledge Base

Two-factor authentication (2FA)

Last modified 2yr ago

Copy link

Outline