Documentation

 

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Use this guide to enable Single Sign-on (SSO) access via SAML to Ellucian Colleague.

 

...

Prerequisites

1. Have an Ellucian Colleague Instance and a SecureAuth Appliance.

...

A) Overview — the description of the realm and SMTP connections must be defined.
B) Data — an enterprise directory must be integrated with SecureAuth IdP.
C) Workflow — the way in which users will access this application must be defined.
D) Multi-Factor Methods — the Multi-Factor Authentication methods that will be used to access this page (if any) must be defined.

 

...

SecureAuth IdP configuration steps

...

3. Select SAML 2.0 (SP Initiated by POST) Assertion from the Authenticated User Redirect dropdown.

Image Modified

User ID mapping

...

6. Select False from the Encode to Base64 dropdown.

Image Modified

SAML Assertion / WS Federation

...

11. Type/paste the Login URL of the Ellucian Colleague into the SP Start URL text field (e.g., https://<FQDN_of_Public_URL>/xxxxxxxx/).

Image Modified

12. Select True from the Sign SAML Assertion dropdown.

...

Note: If using a third-party certificate, click Select Certificate and choose the appropriate certificate.


Image Modified

15. Click the Save button.

...

5. Type/paste the Identity Provider URL appended with restart.aspx into the Logout URL text field so that the SSO cookie will be cleared out (e.g., https://<FQDN_SA_IdP>/SecureAuthxx/restart.aspx).

6.Import the Public Certificate from SecureAuth into the PublicCertificate text field.
Image Modified

7. Type/paste the WSFed/SAML Issuer URL from the IdP into the Issuer text field. (e.g., https://<FQDN_SA_IdP>/SecureAuthxx/).

...

10. Verify the settings and click Save.

11. Test the SSO.
Image Modified