Step 1 – Send Ronspot your SAML parameters
Ronspot uses the SAML setup for ADFS. Ronspot requires the following 4 parameters, which you will find in your ADFS account.
- Entity ID: This is the global, unique ID for the SAML entity.
- Single Sign-on URL: The URL to use when performing the primary authentication.
- ADFS Certificate: This certificate file must be in .crt format and must be sent to your Ronspot technical contact.
- Single Logout URL: This is optional, but can be used to redirect the employee when they log out of Ronspot.
Step 2 – Set Ronspot access on your ADFS account
Once the above are sent to Ronspot and set on your account, add the following URLs into your ADFS account:
- Single Sign On URL – The location where the SAML assertion is sent with an HTTP POST. This is often referred to as the SAML Assertion Consumer Service (ACS) URL for your application.
https://admin.ronspot.ie/member/Ssologin?acs
- Recipient URL – The location where the application may present the SAML assertion. This is usually the same location as the Single Sign-On URL.
https://admin.ronspot.ie/member/Ssologin?acs
- Audience URI – SP Entity ID – The application-defined unique identifier that is the intended audience of the SAML assertion. This is most often the SP Entity ID of the application.
https://admin.ronspot.ie/member/Ssologin
- Destination URI – Identifies the location where the SAML response is intended to be sent inside of the SAML assertion. This is useful to prevent malicious forwarding of responses to unintended recipients. This should be the same location as the Single Sign-On URL unless your application explicitly defines a specific value.
https://admin.ronspot.ie/member/Ssologin?acs
Step 3 – Send Ronspot your SAML attributes
In your ADFS account, find the following user attributes and share them with Ronspot so that the service can run.
<saml:Attribute Name="user.email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xsi:type="xs:string">john.doe@example.com</saml:AttributeValue></saml:Attribute>
<saml:Attribute Name="user.lastName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xsi:type="xs:string">Doe</saml:AttributeValue></saml:Attribute>
<saml:Attribute Name="user.firstName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xsi:type="xs:string">John</saml:AttributeValue></saml:Attribute>
<saml:Attribute Name="user.id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xsi:type="xs:string">123XYZ456</saml:AttributeValue></saml:Attribute>
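Before going live, the values from Steps 2 and 3 can be checked against a base64-decoded SAML response from a test login. The Python script below is an added example, not Ronspot's or Microsoft's code; the function names and the sample response are constructed for illustration, and the script does not verify the XML signature.

```python
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
ACS_URL = "https://admin.ronspot.ie/member/Ssologin?acs"  # Step 2
AUDIENCE = "https://admin.ronspot.ie/member/Ssologin"     # Step 2
REQUIRED = ("user.email", "user.lastName", "user.firstName", "user.id")  # Step 3

def check_response(xml_text):
    """List mismatches between a decoded SAML response and Steps 2-3.
    Configuration check only: the XML signature is NOT verified here."""
    root = ET.fromstring(xml_text)
    problems = []
    if root.get("Destination") != ACS_URL:
        problems.append(f"Destination is {root.get('Destination')!r}")
    scd = root.find(".//saml:SubjectConfirmationData", NS)
    recipient = scd.get("Recipient") if scd is not None else None
    if recipient != ACS_URL:
        problems.append(f"Recipient is {recipient!r}")
    audiences = [a.text.strip() for a in root.iterfind(".//saml:Audience", NS) if a.text]
    if AUDIENCE not in audiences:
        problems.append(f"Audience list is {audiences!r}")
    values = {}
    for attr in root.iterfind(".//saml:Attribute", NS):
        val = attr.find("saml:AttributeValue", NS)
        values[attr.get("Name")] = (val.text or "").strip() if val is not None else ""
    problems += [f"attribute {n} missing or empty" for n in REQUIRED if not values.get(n)]
    return problems

def sample_response(destination=ACS_URL, audience=AUDIENCE, attrs=REQUIRED):
    """Constructed, unsigned sample (hypothetical; not captured from a real ADFS)."""
    attr_xml = "".join(
        f'<saml:Attribute Name="{n}"><saml:AttributeValue>x</saml:AttributeValue>'
        f'</saml:Attribute>' for n in attrs)
    return (
        f'<samlp:Response xmlns:samlp="{NS["samlp"]}" xmlns:saml="{NS["saml"]}" '
        f'Destination="{destination}"><saml:Assertion><saml:Subject>'
        f'<saml:SubjectConfirmation>'
        f'<saml:SubjectConfirmationData Recipient="{destination}"/>'
        f'</saml:SubjectConfirmation></saml:Subject><saml:Conditions>'
        f'<saml:AudienceRestriction><saml:Audience>{audience}</saml:Audience>'
        f'</saml:AudienceRestriction></saml:Conditions>'
        f'<saml:AttributeStatement>{attr_xml}</saml:AttributeStatement>'
        f'</saml:Assertion></samlp:Response>')

if __name__ == "__main__":
    print(check_response(sample_response()) or "OK")
    print(check_response(sample_response(destination="https://sso.example.invalid/acs")))
```

An empty list means the Destination, Recipient, Audience and the four attributes all match what Ronspot expects; each entry otherwise names the ADFS setting to correct.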