1. Home
  2. Admin
  3. Security
  4. Setting up SAML 2.0 Single Sign-On (SSO)

Setting up SAML 2.0 Single Sign-On (SSO)

The Fuel Cycle platform supports SAML 2.0 SSO and welcomes clients who want to enable this feature for their client users. The instructions are simple and straightforward with the assumption that the metadata exchange is handled by your company’s IT personnel.

SSO enables community members or moderators login to a Fuel Cycle community using their own company network or website login.

Preliminary requirements

In order to setup SAML 2.0 SSO integration for a client community, we need to ensure that the following assumptions are met:

  • Your company assumes the role of Identity Provider (IDP) and delegates the role of Service Provider (SP) to Fuel Cycle
  • Your company has SAML 2.0 SSO login system set up for the role of IDP

How to Setup

  1. Your company provides Fuel Cycle with IDP metadata
  2. Fuel Cycle provisions new SP metadata to the client
  3. Your company adds our provided SP metadata to their SAML 2.0 SSO system
  4. Fuel Cycle adds client’s IDP metadata to their community backend

Once this is completed, we can request that the client test and verify that it is working in their system as expected, as clients are the ID provider who is responsible for generating the authentication.

Identifying Members

Every authenticated member login that is SSO verified in the community using SAML 2.0 must include the member’s email address associated with their community registration.

See the bottom of this article for details and an example of how to include the email address attribute in the SAML response.

Sending the email address attribute in SAML response

SAML Response must have the saml:Attribute with the Name as ‘EmailAddress’ and corresponding saml:AttributeValue exactly the same as the email address of our SP account. Then we can use this email address to retrieve the corresponding user account on SP side to complete the sign on.

Please reference the highlighted portion of the response below as an example.

SSO SAML Response

Updated on June 4, 2020

Was this article helpful?

Related Articles