You can set up SAML-based single sign-on (SSO), giving users access to holaSpirit through an identity provider (IDP) of your choice.
This configuration can be done from the Connection tab of the administration.
1. Enable SAML for your organization on your holaSpirit
Fill in the form above in order to be able to enable SAML.
Once SAML is enabled, the page will show you the SAML metadata URL, with information that you need to set up your identity provider.
2. Configuring the identity provider
You can then set up a connection with your identify provider (IDP).
For MS Azure, you can read the documentation: https://azure.microsoft.com/en-us/documentation/articles/active-directory-enterprise-apps-manage-sso/
3. Configuring the holaSpirit connection
After that, you can configure your platform:
- the Issuer URL (A.K.A.: SAML Entity ID)
- the SSO Endpoint (this is where you go when you try to login) (A.K.A.: SAML Single Sign-On Service URL)
- the SLO Endpoint (logout URL)
- the certificate (provided by your IDP)
The certificate must be in PEM format, it must look like :
For Okta users :
In the settings of you app, in "General" "SAML settings", be sure to add the following attribute statements :