Space TimelineSpace Timeline

Using SAML Metadata

Owned by
Nataliia Plakhtii (Deactivated)
Last updated: May 17, 2024 by
Mercedes Rothwell
2 min read

To securely use SAML Metadata, partners share metadata which contains:

  • Entity ID

  • Cryptographic Keys

  • Protocol Endpoints (bindings and locations)

Tips:

  • Every SAML System Entity contains entity ID, the globally-unique identifier (used in software configurations), relying-party databases, and client-side cookies. On the wire, every SAML Protocol message contains the entity ID of the issuer.

  • SAML Metadata can be identified by the initial tag: <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ...>

Connect Metadata Location

Once you configure SAML in Connect, connect the metadata location via the following link: https://www.preprod.docupaceinc.com/financialdemo_ui/sso/samlMeta/default

IDP Setup

Docupace provides SAML 2.0 Metadata. Your Identity Provider (IDP) administrator can use this metadata to register Docupace as an authorized Service Provider.

Tips:

  • To import metadata into your Identity Provider (IDP), refer to your IDP documentation.

  • To finalize the setup, provide Docupace with Identity Provider (IDP) and IDP's metadata.

Note: If the Customer requires assistance in configuring their Identity Provider (IDP), engage professional services into the IDP configuration.

Assertion Requirements

The are the following assertion requirements for configuring SAML:

  • SAML assertion should contain <saml:Subject><saml:NameID>userNameInDocupace<saml:NameId/></saml:Subject>

  • userNameInDocupace must match exactly the configured user in Docupace.

User Configuration

Standard Docupace configuration for the integration of SAML and SSO is based on users that are configured to only support login via SAML.

Service Provider Initiated by SSO

Docupace supports a Service Provider (SP) that is initiated by SSO. This Service Provider (SP) initiated by SSO includes the following link types:

Link Type

Purpose

Link

Link Type

Purpose

Link

Base

For configuring Service Provider (SP) initiated by SSO

https://{{host}}/site_ui/sso/saml/default

Deep

For launching the Monitor function

Non-SSO URL https://{{host}}/site_ui#/monitor

SSO URL https://{{host}}/site_ui/sso/saml/default/bookmark/monitor

 

© Docupace Technologies 2020 | Documentation Dashboard