SkyPath SSO Integration
Introduction
SkyPath provides an option to authenticate using Single Sign On integration. This, by utilizing SAML 2.0 protocol. This document contains SkyPath information and client information required by SkyPath for integration.
SkyPath SAML 2.0 Information
The following tables provides the SkyPath SAML 2.0 information you should set in your SSO system.
- Metadata URL: URL where the metadata file can be obtained.
- ACS URL: assertion Consumer Service (ACS) URL, which is used for receiving SSO assertions.
- Entity ID: unique identifier for the SSO entity.
- Name ID Format: format of the Name ID used in SSO.
Development Environment
Item | Value |
---|---|
Metadata URL | https://staging-api.skypath.io/v2/sso/metadata.xml |
ACS URL | https://staging-api.skypath.io/v2/sso/assert |
Entity ID | https://staging-api.skypath.io/v2/sso/metadata.xml |
Name ID Format | unspecified or persistent |
Production Environment
Item | Value |
---|---|
Metadata URL | https://api.skypath.io/v2/sso/metadata.xml |
ACS URL | https://api.skypath.io/v2/sso/assert |
Entity ID | https://api.skypath.io/v2/sso/metadata.xml |
Name ID Format | unspecified or persistent |
Client SAML 2.0 Information (Required by SkyPath)
The following information is required by SkyPath for SSO integration.
Note: we require information for both for Development and Production environments.
-
Metadata URL: URL where the service provider (SP) metadata file can be obtained.
a. For example:
https://api.skypath.io/v2/sso/metadata.xml
-
Login URL: URL of endpoint where the user can initiate the login process for the SSO integration.
a. For example:
https://auth.company.com/login/idp/saml
-
Logout URL: URL of endpoint where the user can initiate the logout process for the SSO integration.
a. For example:
https://auth.company.com/logout/idp/saml
-
User ID Attribute Name: name or identifier of the attribute in the user identity data in SAML response.
a. For example:
User id
. See picture below: -
Name ID Format: format or type of the Name ID exchanged during the SSO process.
a. For example:
unspecified
orpersistent