Skip to main content

SkyPath SSO Integration

Introduction

SkyPath provides an option to authenticate using Single Sign On integration. This, by utilizing SAML 2.0 protocol. This document contains SkyPath information and client information required by SkyPath for integration.

SkyPath SAML 2.0 Information

The following tables provides the SkyPath SAML 2.0 information you should set in your SSO system.

  1. Metadata URL: URL where the metadata file can be obtained.
  2. ACS URL: assertion Consumer Service (ACS) URL, which is used for receiving SSO assertions.
  3. Entity ID: unique identifier for the SSO entity.
  4. Name ID Format: format of the Name ID used in SSO.

Development Environment

ItemValue
Metadata URLhttps://staging-api.skypath.io/v2/sso/metadata.xml
ACS URLhttps://staging-api.skypath.io/v2/sso/assert
Entity IDhttps://staging-api.skypath.io/v2/sso/metadata.xml
Name ID Formatunspecified or persistent

Production Environment

ItemValue
Metadata URLhttps://api.skypath.io/v2/sso/metadata.xml
ACS URLhttps://api.skypath.io/v2/sso/assert
Entity IDhttps://api.skypath.io/v2/sso/metadata.xml
Name ID Formatunspecified or persistent

Client SAML 2.0 Information (Required by SkyPath)

The following information is required by SkyPath for SSO integration.

Note: we require information for both for Development and Production environments.

  1. Metadata URL: URL where the service provider (SP) metadata file can be obtained.

    a. For example: https://api.skypath.io/v2/sso/metadata.xml

  2. Login URL: URL of endpoint where the user can initiate the login process for the SSO integration.

    a. For example: https://auth.company.com/login/idp/saml

  3. Logout URL: URL of endpoint where the user can initiate the logout process for the SSO integration.

    a. For example: https://auth.company.com/logout/idp/saml

  4. User ID Attribute Name: name or identifier of the attribute in the user identity data in SAML response.

    a. For example: User id. See picture below:

    User ID

  5. Name ID Format: format or type of the Name ID exchanged during the SSO process.

    a. For example: unspecified or persistent