Following are the generalized steps for setting up Single Sign On between Skills Base and any SAML2-compatilble Identity Provider.
Configure Skills Base SSO (Part 1)
- Log in to Skills Base as an Administrator
- From the left side of menu, select [Administration > Authentication]
- On the Authentication page in the Identity Providers section, select Add identity provider.
- Click Add to use the default settings.
- In the Application Details panel, next to SAML SP Metadata, select Download XML File and save the resulting file on your computer.
Configuring your Identity Provider (IdP)
- Import the Skills Base metadata into your IdP. How exactly to achieve this will depend on your IdP. Consult your IdP's support documentation for more information.
- Configure the attribute filters. Skills Base requires the following attributes:
- Email address
- Given name
- Surname
- Download your Identity Provider's SAML metadata file and save it on your computer.
Configure Skills Base SSO (Part 2)
- Return to Skills Base and select [Administration > Authentication] from the left hand menu.
- In the Identity Providers section, select the edit button (denoted by a pencil icon) for the Identity Provider record you added.
- In the Edit identity provider panel, for SAML IdP Metadata select Upload an XML file
- Click Browse to choose a file. Select the Federation Metadata XML file that you downloaded from your Identity Provider and click Save.
- In the Authentication panel, for Single Sign-On select the Identity Provider you added
- Make sure the option to bypass the Skills Base login screen is deselcted for now. You can enable this option later, once the integration is proved to be working.
- If you would like to enable Just In Time user provisioning, enable the Automatic user account provisioning option.
- click Save changes.
The Identity Provider you added in the Identity Providers panel should now have a green Enabled badge in the Status column.