ANCILE Info Pak, uLearn, & uAlign

uAlign Administrators: How do I provide single sign-on (SSO) authentication with uAlign?

Objective

  • ANCILE uAlign can provide single-sign-on (SSO) capabilities through an Identity Provider (IdP) that supports Secure Assertion Markup Language 2.0 (SAML). 
  • Once single sign-on is enabled, the administrator can choose whether or not uAlign will continue allowing users to authenticate using uAlign's standard form-based authentication.

Environment

  • Product: ANCILE uAlign

Prerequisites

  • Administrator access to uAlign
  • An Identity Provider (IdP) that supports Secure Assertion Markup Language 2.0 (SAML)
  • Your Identity Provider (IdP) must be configured to include the user's email address as an attribute named User.email in the SAML response. 
  • The target URL for your Identity Provider (IdP) where uAlign will sends the SAML request during login.
  • The public authentication certificate issued by your Identity Provider (IdP).
  • Optional: The target URL to direct the user when logging out of uAlign. If no URL is provided, the user will be redirected to a uAlign general logged out page.
  • Optional: The URL of the page users should be directed to if an error occurs with the SAML Provider. It must be a publicly accessible page.

Procedure

  1. Log into uAlign and click the Settings icon in the upper right.
  2. Click Organization.
  3. Click the Edit (pencil) icon on the far right of your organization.
  4. Click the Enable SAML 2.0 Authentication check box.
  5. Optionally, click the Allow ANCILE uAlign Form-based Authentication check box.  Enabling this option will allow users to log on using their uAlign credentials.
  6. Select the desired SAML Token Unique Identifier format.  This is the attribute that contains the the user's email address.
  7. Enter the Identity Provider SAML Target URL.
  8. Obtain the Public Certificate from the Identity Provider (IdP), copy the certificate value and paste it into the Identity Provider Public Certificate field.
  9. Optionally, enter the Identity Provider Logout URL. A user will be redirected to this URL when logging out of uAlign. If no URL is provided, the user will be redirected to a uAlign general logged out page.
  10. Optionally, enter the Identity Provider Error URL. A user will be redirected to this URL if an error occurs with the SAML Provider.
  11. Click Save.

Additional Information

  • Refer to the documentation supplied by your Identity Provider (IdP).
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments