Skip to main content

SSO SAML identity provider

Brooke Henshall
  • Updated
error_outline This option is available through beta features, read more about beta features here.

error_outline This option can only be done by administrators.

To add your own SSO SAML identity provider, follow the steps below.

  1. Click the domainSchool name in the menu on the left.
  2. Click settingsSettings in the menu at the top. 
  3. Click Single Sign-On in the menu on the left. 
  4. Click the orange box New identity provider and fill in a name. 
  5. A new page will open. In the box, 'School name',  you will need to give your identity provider the name that should appear on the sign-in screen. We recommend using your school name. 
  6. Fill in the metadata URL of your identity provider.
  7. Click Create.
    Screenshot_2022-02-08_at_12.51.47.png
  8. We will then parse the metadata URL and retrieve all relevant information.
  9. You will be taken to a page with all the relevant information to connect Ans to your identity provider. 
    Screenshot_2022-02-08_at_12.55.03.png

  10. Toggle the Active for users to switch to enable the identity provider on the Ans sign-in page.

It may be that you need to add mapping for the required attributes (which can be viewed in the metadata). We require you to use URN definitions:
 
'uid' => 'urn:oid:0.9.2342.19200300.100.1.1'
'mail' => 'urn:oid:0.9.2342.19200300.100.1.3'
'affiliation' => 'urn:oid:1.3.6.1.4.1.5923.1.1.1.1'
'surname' => 'urn:oid:2.5.4.4'
'studentNumber' => 'urn:oid:1.3.6.1.4.1.25178.1.2.14'
'givenName' => 'urn:oid:2.5.4.42'
 
lightbulb_outline
This feature is currently in development. You can stay up to date with the progress by visiting our roadmap. If you are already using this feature, we would love to hear your thoughts. You can leave them here. After ranking how important the feature is to you, you can leave a comment.

Related articles

Comments

0 comments

Please sign in to leave a comment.