Links
Comment on page

Single Sign On (SSO)

PagerTree offers several providers for single sign-on (SSO), and uses the SAML 2.0 protocol. SAML is an XML standard for exchanging authentication data between parties.

Definitions

  • Identity Provider (IdP) - This is your Identity Provider (Google, Okta, Azure AD).
  • Service Provider (SP) - This is PagerTree.

SAML Required Attributes

  • Version - 2.0
  • Assertion Consumer URL (ACS) - https://app.pagertree.com/public/saml/callback?sp_entity_id=<sp-entity-id>
  • NameIDPolicy - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
  • Encryption - false
  1. 1.
    Enable "advanced mode".
  2. 2.
    Navigate to the Idp Configs page.
  3. 3.
    Click New SSO Config button.
  4. 4.
    In the new Idp Config form:
    1. 1.
      Copy the metadata xml (or metadata url) from your IdP to the PagerTree
  5. 5.
    Configure your IdP with the provided SP (PagerTree) information.
    • Service Provider (PagerTree) Entity ID - Sometimes called the "audience" by the IdP.
    • Service Provider (PagerTree) Assertion Consumer Service (ACS) URL
    • Service Provider (PagerTree) Single Logout Service (SLO) URL
  6. 6.
    Click Enable Button
Members of your account will now be required to sign-in using SSO via the Single Sign-On login page

Configuring PagerTree with SSO

  1. 1.
  2. 2.
    Navigate to the Idp Configs page.
  3. 3.
    Click New SSO Config button.
    New SSO Config Button
  4. 4.
    In the new Idp Config form:
    1. 1.
      Copy the metadata xml (or metadata url) from your IdP to the PagerTree.
      SSO Config Form
  5. 5.
    Configure your IdP with the provided SP (PagerTree) information.
    • Service Provider (PagerTree) Entity ID - Sometimes called the "audience" by the IdP.
    • Service Provider (PagerTree) Assertion Consumer Service (ACS) URL
    • Service Provider (PagerTree) Single Logout Service (SLO) URL
      Identity Provider (IdP) Data
  6. 6.
    Click Enable Button.
    Enable SSO Config Button
Members of your account will now be required to sign-in using SSO via the Single Sign-On login page