Following are the generalized steps for setting up Single Sign On between Skills Base and any SAML2-compatilble Identity Provider.
Configure Skills Base SSO (Part 1)
-
Log in to Skills Base as an Administrator
-
From the left side of menu, select [Administration > Authentication]
-
On the Authentication page in the Identity Providers section, select Add identity provider.
-
Click Add to use the default settings.
-
In the Application Details panel, next to SAML SP Metadata, select Download XML File and save the resulting file on your computer.
Configuring your Identity Provider (IdP)
-
Import the Skills Base metadata into your IdP. How exactly to achieve this will depend on your IdP. Consult your IdP's support documentation for more information.
-
Configure the attribute filters. Skills Base requires the following attributes:
-
Email address
-
Given name
-
Surname
-
-
Download your Identity Provider's SAML metadata file and save it on your computer.
Configure Skills Base SSO (Part 2)
-
Return to Skills Base and select [Administration > Authentication] from the left hand menu.
-
In the Identity Providers section, select the edit button (denoted by a pencil icon) for the Identity Provider record you added.
-
In the Edit identity provider panel, for SAML IdP Metadata select Upload an XML file
-
Click Browse to choose a file. Select the Federation Metadata XML file that you downloaded from your Identity Provider and click Save.
-
In the Authentication panel, for Single Sign-On select the Identity Provider you added
-
Make sure the option to bypass the Skills Base login screen is deselcted for now. You can enable this option later, once the integration is proved to be working.
-
If you would like to enable Just In Time user provisioning, enable the Automatic user account provisioning option.
-
click Save changes.
The Identity Provider you added in the Identity Providers panel should now have a green Enabled badge in the Status column.