SSO Setup
IT-Conductor supports SAML 2.0-based Single Sign-on.
Understanding SAML Configuration
In SAML terms, there are two parties:
Identity Provider that supplies the user authentication and is your trusted enterprise credentials - Okta, Microsoft ADFS (Azure or on-prem), Google Workspace, AWS IAM Identity Center, etc.
Service Provider - In this case, it is IT-Conductor that supports SSO with Identity Provider, so you don't need to maintain/remember a separate set of credentials.
Configure Identity Provider
To configure Identity Provider, you will need the following IT-Conductor SAML information:
Entity ID: https://service.itconductor.com
Assertion Consumer Service URL: https://service.itconductor.com/saml/acs
Relay State URL: https://service.itconductor.com/home
Logout URL: https://service.itconductor.com/saml/logout
Depending on what type of Identity Provider you are configuring, use the links below. Otherwise, use vendor instructions and the information above.
When the Identity Provider configuration is complete, either export Identity (Federation) Metadata XML and/or copy the following attributes:
Identity Provider Identifier
Login URL
Logout URL
Certificate (Base64)
Visit service.itconductor.com and enter your login credentials.
Navigate to Management → Security → SSO Identity Providers.
Copy previously saved values to Identity Provider Info attributes as the following:
Name - Unique Name - internal to IT-Conductor
Description - Internally identifying information
Issuer - Identity Provider Identifier
SSO URL - Login URL
SLO URL - Logout URL
Certificate - exported base64 certificate
Service Provider Info attributes allow you to customize the mapping between Identity Provider and IT-Conductor, normally you don't need to do anything as default mappings should work. Otherwise, contact the IT-Conductor Support Team for assistance.
Verify if the identity provider was added to the SSO Identity Providers actions panel.
You can now use the SSO to log into IT-Conductor from your Identity Provider.
Last updated