Security Assertion Markup Language (SAML) is an open-standard, XML-based format for exchanging authentication and authorization between an identity provider and a service provider. One of its advantages is that it makes single sign-on (SSO) possible between multiple online services.
The SAML SSO Settings page is where you configure Adaptive Planning to interact with your Identity Provider. See the SAML SSO Documentation for more information on setting up SAML SSO.
SAML Configuration fields on this page are:
- SAML version: What level of SAML to use to interact with your Identity Provider
- Identity provider name: The name of the identity provider you are linking to Adaptive Planning
- Identity provider entity ID: The ID of the identity provider. This is generally found in the Admin section of your identity provider's interface.
- Identity provider SSO URL: The URL used by the identity provider to directly log in to Adaptive Planning. Usually in a form similar to:
- Custom logout URL: Optional. Enter a URL to load when the user logs out from the Adaptive Planning.
- Identity provider certificate: Click Browse to upload the certificate downloaded from your identity provider's interface.
- SAML user ID : Select the user ID type to be used: the user's Adaptive Planning username or their federation ID.
- SAML user ID location: Select where in the SAML token the user ID can be found.
You can also use the Enable SAML menu to enable or disable SAML SSO, or to allow both SAML SSO and Adaptive Planning login. To log in to Adaptive Planning login page using SAML SSO, users can leave the password field empty to be forwarded to your identity provider for authentication.
With SAML SSO enabled, Admin users granted the SAML role permission can log in using SAML SSO or their Adaptive credentials.
You can use this image as an IDP tile: