Consultation Manager support SAML SSO.
You can configure SSO in the Management area of the system.
First, navigate to Management (1), Single Sign On (2).
This will open a new panel where you can enter the details of your unique SSO configuration.
Type (3): Select the type of SSO configuration. Please note that only SAML is supported at this stage.
Enable Test Mode (4): Test mode will ensure the username and password boxes remain present on the login screen even when SSO is configured. In the event there are issues during setup, you can use your username and password to log in to Consultation Manager.
Sign Out Required (5): Single log out. Note, if yes, you must provide a signout URL either via Metadata XML URL or in the relevant Manual Metadata field.
Next, enter the Identity Provider Configuration details.
Entity ID (6): Your IDP Entity ID
Metadata (7): You can provide this 3 ways
Metadata XML URL: Provide your URL in the box below
Metadata XML Upload: Upload your XML file NOT YET AVAILABLE
Manual Metadata: Configure the metadata settings manually in the form below
Manual Metadata Settings include:
- X509 Public Certificate (required)
- Sign On URL (required)
- Sign Out URL
- Artifact Resolution Service URL (General required)
Next, review your preferences for User Provisioning (8). Setting this to [On] will autocreate a Consultation Manager User if one doesn’t exist on sign in. Currently, you cannot disable this.
Next, enter additional metadata (9) to allow Consultation Manager to contact you in the event of changes to our provision of SSO.
Once you configure the IDP settings above, ensure Test Mode is enabled and click [Save] (10). Refresh your browser window at this point.
After refreshing, navigate back to the SSO configuration area and you will see the Service Provider Configuration and SAML Attributes. The Service Provider details should be used to configure your IDP. Please note that the below is an example only and is unique to your configuration. If you implement a new configuration, these details will be updated also.
Once configured on your end, log out and use the Single Sign On button (11) to log in.