{"id":1516,"date":"2023-11-21T07:32:27","date_gmt":"2023-11-21T07:32:27","guid":{"rendered":"https:\/\/strange-sammet.82-165-59-152.plesk.page\/?page_id=1516"},"modified":"2023-12-01T07:48:41","modified_gmt":"2023-12-01T07:48:41","slug":"requirements-and-limitations","status":"publish","type":"page","link":"https:\/\/cp-prod-wordpress.alfa.sx\/en\/miscellaneous\/for-it-administrators\/single-sign-on\/requirements-and-limitations\/","title":{"rendered":"Requirements and Limitations"},"content":{"rendered":"\n<p>In order to setup single sign-on you have to have a working identity provider. It needs to comply to the either of the following standards:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>OpenID Connect<\/li>\n\n\n\n<li>SAML V2.0<\/li>\n\n\n\n<li>Shibboleth (via SAML V2.0)<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"required-information\">Required Information<a href=\"https:\/\/cp-prod-wordpress.alfa.sx\/en\/administration\/single-sign-on\/requirements-and-limitations\/#required-information\"><\/a><a href=\"#required-information\" class=\"av-heading-anchor\"><i class=\"bi bi-link\"><\/i><\/a><\/h2>\n\n\n\n<p>To configure our alfaview service provider we need the following information from you:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>the endpoint of your identity provider (e. g.&nbsp;<code>https:\/\/idp.example.com\/redirect<\/code>)\n<ul class=\"wp-block-list\">\n<li>if available: test accounts and an additional testing identity provider endpoint<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>if you have a SAML-based identity provider: your identity provider\u2019s signing certificate<\/li>\n\n\n\n<li>the identity claims or attribute mapping of your identity provider\u2019s SAML\/OIDC response\n<ul class=\"wp-block-list\">\n<li>required: user\u2019s first name, last name and display name<\/li>\n\n\n\n<li>optional: user group attribute if you want to use\u00a0<a href=\"\/en\/administration\/single-sign-on\/manage-groups\/\">group based permission management<\/a>\u00a0in alfaview<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>your desired login domain from where your users will start the single sign-on process (example:&nbsp;<code>my-company.alfaview.com<\/code>)<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"limitations\">Limitations<a href=\"#limitations\" class=\"av-heading-anchor\"><i class=\"bi bi-link\"><\/i><\/a><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Your identity provider\u2019s SAML XML signature needs to be signed using the SHA256 algorithm. If you have no information about the signing algorithm used, we can try to help you finding it out.<\/li>\n\n\n\n<li>We do not support identity provider initiated SAML V2.0. But we can provide a start link that initiates the alfaview login by redirecting to your identity provider\u2019s login page<\/li>\n\n\n\n<li>The login domain will be hosted by alfaview.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"compatible-identity-providers\">Compatible Identity Providers<a href=\"https:\/\/cp-prod-wordpress.alfa.sx\/en\/administration\/single-sign-on\/requirements-and-limitations\/#compatible-identity-providers\"><\/a><a href=\"#compatible-identity-providers\" class=\"av-heading-anchor\"><i class=\"bi bi-link\"><\/i><\/a><\/h2>\n\n\n\n<p>Here is a list of identity providers that were successfully configured and are proven to work with alfaview:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>GitLab \u2013 based on OpenID Connect<\/li>\n\n\n\n<li>Google Work \u2013 based on SAML V2.0<\/li>\n\n\n\n<li>Shibboleth \u2013 based on SAML V2.0<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>In order to setup single sign-on you have to have a working identity provider. It needs to comply to the either of the following standards: OpenID Connect SAML V2.0 Shibboleth (via SAML V2.0) Required Information [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":0,"parent":1509,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-1516","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/cp-prod-wordpress.alfa.sx\/en\/wp-json\/wp\/v2\/pages\/1516","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cp-prod-wordpress.alfa.sx\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/cp-prod-wordpress.alfa.sx\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/cp-prod-wordpress.alfa.sx\/en\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/cp-prod-wordpress.alfa.sx\/en\/wp-json\/wp\/v2\/comments?post=1516"}],"version-history":[{"count":4,"href":"https:\/\/cp-prod-wordpress.alfa.sx\/en\/wp-json\/wp\/v2\/pages\/1516\/revisions"}],"predecessor-version":[{"id":1517,"href":"https:\/\/cp-prod-wordpress.alfa.sx\/en\/wp-json\/wp\/v2\/pages\/1516\/revisions\/1517"}],"up":[{"embeddable":true,"href":"https:\/\/cp-prod-wordpress.alfa.sx\/en\/wp-json\/wp\/v2\/pages\/1509"}],"wp:attachment":[{"href":"https:\/\/cp-prod-wordpress.alfa.sx\/en\/wp-json\/wp\/v2\/media?parent=1516"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}