Single Sign-On (SSO)

Use an outside authentication source to verify users into your community

Single Sign-On (SSO) enables your users to authenticate with our application via your identity provider. When enabled, all other forms of authentication are disabled. Your identity provider is required to support SAML 2.0.

Step 1. Setup Identity Provider

Add a new service provider (Honeycommb) to allow us to access your identity provider. You have 2 options for integrating: manually via attributes or using the XML IDP metadata (recommended).

To integrate manually, copy the following fields into your SAML configuration on Honeycommb:

If you provide the IDP cert, you do not need to provide the IDP cert fingerprint nor IDP cert fingerprint algorithm.

If you provide the IDP cert fingerprint and IDP cert fingerprint algorithm, you do not need to provide the IDP cert.

To integrate with XML IDP Metadata, copy the IDP Metadata into the IDP Metadata field:

You will also need to fill in the Idp entity name which gets used to display single sign on.

Step 2: Service Provider Details

The service provider details are provided on your community details page.

Step 3: Name ID and Attributes

We require that the name ID is returned as an email address.

We also require the following attributes:

  1. first_name should be the first name of the user.
  2. last_name should be the last name of the user.

Failure to map these fields will result in failed SAML auth requests.

RELATED: The User Experience in using SSO to log into the community