Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Additional Pages

SSO Self-Service Onboarding
OneLogin SSO Configuration
Okta SSO Configuration
Azure (Entra) SSO Configuration

...

  • metadata_url

  • SSO SAML form

    • identifiers: saml.corestrengths.com

    • email attribute mapping

      • http://schemas.xmlsoap.org/ws/2005/05/identity/claims/email

    • metadata url

      • NOTE: DO NOT USE THIS FOR CUSTOMERS

        • https://login.microsoftonline.com/2255232a-4dba-484e-8dad-53bf9950a79d/federationmetadata/2007-06/federationmetadata.xml?appid=96ccd567-a990-4dfc-a331-6e20d5b35291

...

Current IAM Authentication page-ish looks very similar to the following mock

...

Clicking on the SSO tab, for example, would bring one to a new authentication page akin the following mock

...

Entering an email here allows us to ask Cognito for the correct Identity Provider. Having that, we can redirect to the Federations authentication page. This page is outside of corestrengths.com and manages all the things auth related for said Federation, e.g. logging in, resetting passwords etc. If someone is already logged into this Federation, they are automatically redirected to redirect_uri with a code parameter and whatever state parameter we sent… and technical things begin to happen… ultimately leading to being redirected to our landing page… all on behalf of the person clicking SIGN IN.