Single Sign-On

Following you will find information and setup instructions for SAML based Single Sign-On with Commanders Act.

Overview

Commanders Act supports SAML 2.0 based Single Sign-On authentication and authorisation.

Swimlane diagram of the Single Sign-On functionality.

Setup

To setup Single Sign-On Commanders Act requires the metadata.xml of the IDP or following information:

  • Single Sign-In Endpoint

  • Single Sign-Out Endpoint

  • EntityId of the IDP

  • Public key of the IDP (X509 certificate)

Please contact a Commanders Act consultant to initiate the setup. You will then receive a namespace parameter <name> and the site id <id_site> used in following SAML Endpoints and SAML Attributes.

SAML Endpoints

Following you will find an overview of the SAML API endpoints used by Commanders Act.

ACS URL/Endpoint URL https://platform.commandersact.com/saml2-acs/<name>

Login URL https://platform.commandersact.com/saml/<name>

SP Entity ID/Partner's Realm commanders-act

SAML Attributes

Following SAML attributes are currently supported. It is required to send the email attribute.

Attribute

Description

Type

firstname

User first name

optional, default empty ''

lastName

User last name

optional, default empty ''

email

User email

required

companyName

Company name

optional, default empty ''

jobTitle

Job title

optional, default empty ''

mobileNumber

Mobile phone number

optional, default empty ''

lang

User language code

optional, default empty ''

commandersact_<id_site>

Applied user profile

optional, Possible values:

  • administrator

  • technical

  • marketing

  • custom

  • readOnly

  • partnerAdmin

  • partner

FAQ

How long is the SAML session duration? 1440 seconds.

Which protocol is used for Single Sign-On? SAML 2.0