Prerequisites
Before we begin, we highly recommend that you ensure that your Identity Provider Application be configured before continuing. If this step then there is a possibility that the Metadata Certificate will not be valid and you will experience errors when attempting to log in.
Another prerequisite is that you should secure your Application Metadata information in your IDP, this will require your IDP Administrator’s involvement.
Where can I find my Application Metadata Certificate?
Azure Active Directory
You can locate your Metadata Certificate (Base64) in Section 3 of the Single Sign-on Tab of your Enterprise Application. Section 4 contains the IDP Login URL which is required for SSO.
Okta
You can locate your IDP values by selecting the View Setup Instructions in the Sign On Tab of your Okta Application.
PingOne
You can locate your IDP Sign-on URL and signing certificate under the Configuration Tab of your Application.
OneLogin
You can locate your X.509 Certificate and SLO Endpoint (HTTP) in the SSO Tab of your application.
Steps to Follow
-
Select the SAML SSO Configuration tab in your Living Security Training Platform Application.
-
Make sure your application Identity Provider Configuration Mode is set to Manual Mode
-
Paste the IDP Sign-on URL from your Organization’s Identity Provider Application to the Identitiy Provider Sign In URL field.
-
The Base64 Certificate will need to be pasted into the Identity Provider Signing Certificate box, including the ----BEGIN CERTIFICATE---- and ----END CERTIFICATE---- by opening your certificate in a text editor.
-
Select Save
ℹ️ If you are getting an invalid format error after selecting Save, please paste your certificate into this tool and then paste the formatted output back into the signing certificate box.
If your certificate is valid, you should see a new attribute populate with the Certificate Expiration date. If you can see this, congratulations! You have formed a SAML SSO Connection between your IDP and Living Security Training Platform!