Security Assertion Markup Language (SAML) has been introduced as another Single Sign On (SSO) option for Get Satisaction communities. While many of our customers do use FastPass, we wanted to provide an additional option for those who wanted a different set up for Single Sign On.
It’s different than FastPass in that you don’t necessarily have to put Get Satisfaction specific code on your end and you don’t have to have your own internal system for managing users. Instead, you could use a service like Okta, OneLogin or even SalesForce. It can be used as one of your multiple login options or as the required login option for your community.
We are currently enabling SAML Single Sign On by request. Please leave a comment in this topic in the Get Satisfaction customer community if you would like to have this added to your Get Satisfaction community.
Setting up SAML Single Sign On
SAML Single Sign on is configured from within Configure Workspace. From the community homepage, click the “gear” icon and then click “Configure”.
From the menu on the left-hand side, under Configuration, select “SAML”. This will take you to the page where the SAML setup for a Get Satisfaction community can be configured.
There are a couple of different sections on this page that are needed to set up SAML Single Sign on.
The Service Provider Information is what will need to be used by the identity provider for Single Sign On.
The Identity Provider Information is what will be used by Get Satisfaction to complete the SAML set up. The identity provider being used should be able to easily provide a Get Satisfaction customer with this information.
Custom Field Mapping will be used by Get Satisfaction when a sign over from the identity provider happens for a user that does not exist. It lets Get Satisfaction know what the fields are called in the identity provider side so that the community user can be created correctly.
Please note that our SAML Single Sign On has a few known limitations.
- iOS Chrome – Starting with SP. Once you authenticate on Chrome it takes a long time to load the community page and a blank page will appear. If you refresh the browser, it then shows the community page and that you are logged into the community.
- Android Chrome and Galaxy 6 Android 5 browser and Safari iOS and Chome iOS – Starting at IDP. If you use Salesforce for your IDP, you are redirected to a ‘what I follow page’ inside of Salesforce. You don’t see the SAML login button.
- Galaxy 6 with Android 5 browser – Doesn’t sign you in after you are authenticated from IDP. Even if you refresh the page, you are still not logged in.