Configuring IDP SAML as SSO for TrueCommand SAML Service
Last Modified 2023-11-30 10:15 EST
TrueCommand allows identity provider (IDP) SAML single sign-on (SSO) configuration as of release 2.3.3. With IDP-SAML SSO you can configure a provider such as Okta, Auth0, OneLogin, or Google to provide TrueCommand SSO through the IDP SAML service dashboard instead of using the TrueCommand SAML sign-in option.
Security Assertion Markup Language (SAML) is an SSO standard for logging users into applications that require authentication credentials (like GitHub, Gmail, etc.). SSO works by transferring a known identity for a user to another location that provides services to the user. SAML accomplishes the transfer by exchanging digitally signed XML documents.
A SAML configuration requires an Identity Provider (IDP) and Service Provider (SP). When the IDP-SAML service provides the SSO, TrueCommand becomes the service provider.
IDP-SAML provider configuration settings and attributes can differ. This article provides general instructions, settings, and attributes for configuring an IDP-SAML SSO for TrueCommand as a cloud service provider.
TrueCommand IDP SAML does not support groups at this time.
Set support to PERSISTENT.
Download the IDP SAML metadata.
Download or copy/paste the single sign-in URL (https://)
Enter attributes as shown in the table below, with the underscore (attribute_name) if indicated.
For IDP SAML SSO, TrueCommand does not require the certificates from the IDP provider.
Define these attributes in the IDP SAML service provider:
|Full Name||given_name or display_name|
|mail or email|