SSO-SimpleSAML (english version)

This is the translated version of SSO-SimpleSAML

The SSO-SimpleSAML interface can be used to automate the login and registration of users.

Contents of this Documentation

1 Requirements
2 Configuring the Interface
- 2.1 URL Call
3 Mapping and user data
4 Mapping for "Email for Cost Approval

Requirements

The SSO SimpleSAML add-on must be enabled for the client.

Configuring the Interface

The interface can be enabled under "Add-ons » SSO-SimpleSAML".

The "Identify Provider EntityID" must be defined under IdP EntityID. For example, this can be the URL to the IdP metadata page.

Under "IdP Metadata", the metadata must be stored in JSON format.

The corresponding store metadata is displayed under "SP Metadata".

URL Call

The SSO interface can be accessed through the URL https://SHOP_DOMAIN/simplesaml/. The user is automatically redirected to the defined IdP verification page.

Mapping and user data

After validation, the parameter urn:mace:dir:attribute-def:uid is expected. The uid parameter must be set to match the username in the PRINT LOUNGE.

Optionally, user data can be mapped using the “User Data Mapping” function. The user must be logged on to the system.

The user will be automatically redirected to the home page.

An attribute called redirect_url (name="redirect_url") can be used to specify a URL such as "/makepage.php?searchStr=test&p=search" so that the user is redirected directly to that page.

Mapping for "Email for Cost Approval

cince version 6.0.0

The email address for cost approval in the store settings will be overwritten by the mapping - as soon as an email address is submitted. If no email address is submitted, the email address is taken from the store settings.