Setup Instructions
Blue Hexagon Support will provide you with the following information to set up the SAML connection with your SSO Identity Provider (IdP):
Entity ID: Uniform Resource Name (URN) that uniquely identifies Blue Hexagon as a Service Provider (SP)
Assertion Consumer Service (ACS) URL or Reply URL: URL at the Service Provider (Blue Hexagon) that accepts SAML artifacts from the IdP
Signing Certificate: Blue Hexagon certificate containing the encryption key necessary for authentication
SAML User Attributes Mapping
Ensure that at least the following user attributes are configured in your IdP:
emailaddress
: User’s email addressgivenname
: User’s given name or first namesurname
: User’s surname or last namename
: Principal name of user in the IdP
If the user attributes are configured differently in your IdP, please inform Blue Hexagon Support of the user attribute mapping.
SSO SAML Information to Send to Blue Hexagon
Once you have configured your SSO Identity Provider (IdP), please provide the following information to Blue Hexagon Support:
Email Domains: Enterprise domains (e.g. http://acme.com ) that will access Blue Hexagon via SSO
Sign-in URL: Your SSO IdP sign-in URL to which Blue Hexagon will redirect
Sign-out URL: Your SSO IdP sign-out URL
X.509 Signing Certificate: SSO IdP public key in .pem or .cer format
User ID Attribute: (Optional) Attribute in the SAML token that will be mapped to the
user_id
property in Blue HexagonProtocol Binding: HTTP-POST (recommended) or HTTP-Redirect