Single Sign On

RapIDadmin supports single sign on through SAML 2.0. Setting up SSO may require help from your IT department or SAML identity provider (IdP) administrator.

How to enable SSO

The SSO administration settings are located in RapIDadmin and are available to users that are granted the RapIDadmin:Administration:Settings permission.

Navigate to RapIDadmin > Administration > Settings to view the Sign Sign On settings.

Open

Enable Single Sign On - This will enable the Sign Sign On feature for your account.

Default Tenant - Select the tenant that your users will be assigned to by default when they first log in. If there is an existing user with a matching email address, the tenant will not be updated for that user.

Identity Provider - Select SAML.

Metadata Document Url - This is a link to the metadata document that describes your identity provider settings. When you hit save, we will fetch this document to configure your connection.

Email Attribute - The URI of the email attribute found in the response from your IdP.

First Name Attribute - The URI of the first name attribute found in the response from your IdP.

Last Name Attribute - The URI of the last name attribute found in the response from your IdP.

Login Url - This is the URL that your users will navigate to in order to initiate the service provider-initiated login flow.

After you hit Save, you will see two values that you will need in order to configure your IdP

Signing Certificate - Your IdP will need the signing certificate to verify the signature of our SAML requests.

Callback Url - This is the URL that your IdP will use to redirect authenticated users along with their signed assertions.