You can configure SAML 2.0-based Single Sign-on with a Softadmin® system as Service Provider and many SAML 2.0 compatible servers as Identity Provider.
The Softadmin® system gets all the information about the Identity Provider that it needs by reading a SAML metadata file that Identity Provider publishes. Set the system setting SingleSignOnSamlMetadataUrl to the location of this metadata.
If the IdP does not publish metadata then you can trick Softadmin® by creating your own metadata file by hand and serving it from any location. This will, however, require you to update the metadata file each time the IdP rotates its signing certificates.
Set SingleSignOnLoginProcedure to the name of the stored procedure that will extract user attributes from the SAML Assertion. Exactly how this assertion looks will depend on the Identity Provider. If the IdP administrator can not provide you with a sample then you best bet is to start with a procedure that simply logs the received assertion, configure a SAML integration to capture an assertion and then write the rest of the procedure based on the logged XML.
The format the Softadmin® system wants to receive usernames in. You can usually leave this as unspecified, but if the Identity Provider demands that another format is used then you can use the system setting SingleSignOnSamlNameIdFormat to change the format that the Softadmin® system will request.
The Identity Provider will require some subset of the following information.
The Softadmin® system publishes metadata describing it at
/saml/sp (for example
The value assigned to the system setting SingleSignOnSamldentity.
The location the Softadmin® system receives SAML assertions at. It is located at
/LoginPostback.aspx (for example
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified unless the system setting SingleSignOnSamlNameIdFormat has been changed (see above).