Using SAML 2.0 For Single Sign-on

To configure SAML SSO, you need a SAML identity provider. CTERA Portal SAML single sign-on has been certified with the following identity providers:

  • Okta
  • OneLogin
  • Microsoft Active Directory Federation Services (ADFS)
  • Microsoft Azure Active Directory
  • Swivel AuthControl Sentry

Before setting up SAML in the CTERA Portal:

  • The global administrators must be defined. For details, see Adding, Editing and Deleting Global Administrators.
  • Access to the CTERA Portal must be defined on the identity provider side. Although each identity provider can have a different procedure for setting this up, the SAML protocol requires the following information:
      • Entity ID – A globally unique name for a SAML entity. This entity is defined at the identity provider (IdP) side.
      • Sign-in page URL – The location where the SAML assertion is sent with HTTP POST. This is often referred to as the SAML Assertion Consumer Service (ACS) URL for the SAML endpoint at the IdP side.
      • Log-out page URL – The location where the logout response will be sent.
      • Identity Provider Certificate – The authentication used by the identity provider.
    The terms used for this information can vary between the different identity providers.

Note: If you want to use a different identity provider, contact CTERA to validate the provider.

You need to enable SSO on the portal and specify the identity provider's parameters. Once configured, the provider handles the sign-in process for all portal users, including access from mobile devices. The provider is also responsible for authentication credentials for the users.

