The Single Sign On module allows authentication with SAML 2.0-enabled SSO Identity Provider software (IdP). The module acts as a gateway to the features beneath it within the app; access to those features is only allowed if the user successfully authenticates with SSO.
SSO may be integrated for the mobile application (AppArmor Safety, Command, WorkAlone, Report, Academia), the dashboard, the subscriber's portal (AppArmor Alert), or the report portal (AppArmor Report). While our integration method (SAML 2.0) is IdP-agnostic, we have provided specific direction for Azure AD below. We have also included tech diagrams for clarity on how the data flows through SSO integrations.
Microsoft Azure AD SSO Configuration
In scenarios where a project implementation requires that end users or administrative users confirm their identity, we integrate with the customer IdP via SAML 2.0. This integration allows for verification of user identity and for the customer to pass relevant data points (known as "claims") to the AppArmor system. These claims can then be used for project- or software-specific objectives.
For example, using myself as the test user: if I had credentials to RDPoly, say dsinkinson@rdpoly.ca and my password, then after I log in, the IdP provides the app with more details about me, such as first name, last name, email address, ID number, and possibly school affiliation (student / faculty / staff). The actual claims that are passed through are determined by your IT group.
Set Up
Setting up SSO is pretty easy. We exchange metadata files. AppArmor is the SP (Service Provider) and RDPoly is the IdP (Identity Provider). I've attached our metadata. I will need the IdP metadata from your IT SSO person to continue the integration.
Your IT SSO person then uploads our attached metadata file into your IdP and configures AppArmor as a custom application.
Lastly, they need to provide me with test credentials. This is a username and password for your SSO. The claims we would expect for this module are:
- First Name
- Last Name
- Email Address
- ID Number
- School Affiliation (Student/Faculty/Staff)
It should work basically right away; however, if troubleshooting is required, I'll have resources on my side ready.
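As an added illustration (not AppArmor's code) of what the SP does with the claims listed above once the IdP's SAML assertion arrives: the constructed assertion, the attribute names (firstName, lastName, email, idNumber, affiliation) and the audience URL are all assumptions, since the real names are whatever your IdP is configured to emit. The checks are the defender-side ones worth having before any claim is trusted: the validity window, the audience restriction (so an assertion issued for another SP is rejected), and the presence of every expected claim.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Attribute names are assumed: the real names are whatever the customer's
# IdP is configured to emit, mapped to the five claims the module expects.
REQUIRED_CLAIMS = ["firstName", "lastName", "email", "idNumber", "affiliation"]

# Constructed sample assertion, not a real IdP response. Its XML signature is
# omitted; in production verify it (XML-DSig, IdP cert from metadata) first.
SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_constructed" Version="2.0" IssueInstant="2024-01-01T00:00:00Z">
  <saml:Conditions NotBefore="2024-01-01T00:00:00Z" NotOnOrAfter="2024-01-01T00:05:00Z">
    <saml:AudienceRestriction><saml:Audience>https://sp.example.com/metadata</saml:Audience></saml:AudienceRestriction>
  </saml:Conditions>
  <saml:AttributeStatement>
    <saml:Attribute Name="firstName"><saml:AttributeValue>Dana</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="lastName"><saml:AttributeValue>Example</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="email"><saml:AttributeValue>dana@example.edu</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="idNumber"><saml:AttributeValue>100200300</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="affiliation"><saml:AttributeValue>Student</saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""


def _ts(value):
    # SAML timestamps are UTC with a trailing Z; make them comparable to `now`.
    if value is None:
        raise ValueError("assertion Conditions lack a required timestamp")
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def validate_and_extract(assertion_xml, expected_audience, now):
    """Enforce Conditions, then return only the claims the module expects.
    Raises ValueError on any failed check so the caller fails closed."""
    root = ET.fromstring(assertion_xml)
    cond = root.find("saml:Conditions", NS)
    if cond is None:
        raise ValueError("assertion has no Conditions element")
    if not (_ts(cond.get("NotBefore")) <= now < _ts(cond.get("NotOnOrAfter"))):
        raise ValueError("assertion is outside its validity window")
    audiences = [a.text for a in cond.findall("saml:AudienceRestriction/saml:Audience", NS)]
    if expected_audience not in audiences:
        raise ValueError("assertion was not issued for this SP (audience mismatch)")
    claims = {}
    for attr in root.findall("saml:AttributeStatement/saml:Attribute", NS):
        value = attr.find("saml:AttributeValue", NS)
        claims[attr.get("Name")] = value.text if value is not None else None
    missing = [name for name in REQUIRED_CLAIMS if not claims.get(name)]
    if missing:
        raise ValueError("IdP did not release required claims: " + ", ".join(missing))
    return {name: claims[name] for name in REQUIRED_CLAIMS}
```

A missing claim shows up as a ValueError naming the attribute, which is usually the first thing to compare against what the IT SSO person configured on the IdP side.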