SAML Generic Integration Documentation

This guide details the steps required to integrate Trusona using SAML.

Trusona allows you to have a passwordless experience with many applications that support SAML 2.0 (Security Assertion Markup Language). If you do not see documentation for your application, that’s ok! You can use the information below in addition to your application’s SAML documentation to integrate with Trusona using an SP-initiated login.

Definitions:

  • Trusona is considered the IdP (identity provider)
  • The application you are integrating Trusona with is considered the SP (service provider)

SAML references:

1. IdP (Identity Provider) Configurations

  • Log into the Trusona Dashboard
  • Click on SAML integrations
  • Select ‘Create SAML Integration’
  • Enter a name for your SAML integration
  • If your Service Provider doesn’t sign requests, enter the Service Provider’s ACS URL in the Assertion Consumer Service URL field
  • Upload the Service Provider’s certificate
    • If your Service Provider doesn’t sign requests, you can skip this step
  • Select ‘Save’

2. IdP (Identity Provider) Information

  • On the SAML integrations page in the Trusona Dashboard, click ‘Actions’ next to the integration you just configured
    • Select ‘Download Certificate’
  • Select ‘Actions’ again
    • Right click on ‘View Metadata XML’ and open the link in a new tab
  • On the Metadata XML tab, note the following information for your service provider

  • Entity ID
    • This will be listed at the top of the XML and will have entityID= listed before the URL
  • SSO URL
    • Find ‘SingleSignOnService’ in the XML file. The SSO URL will be listed at the end of that line

3. SP (Service Provider) Configurations

Please refer to your Service Provider’s SAML configuration documentation.

  • When asked for the IdP Entity ID, enter the Entity ID you grabbed from the XML file on Step 3.a.i. This may be labelled differently depending on your Service Provider.
  • When asked for the SSO URL, enter the URL you grabbed from the XML file on step 3.b.i. This may be labelled differently depending on your Service Provider.
  • Binding: We recommend using HTTP-POST. However, we also support HTTP-Redirect
  • Signature Hash Algorithm: SHA-256
  • If asked about signing the assertion or response, choose to sign the assertion
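The values noted in step 2 and entered in step 3 can be read from the saved Metadata XML instead of being copied by eye. The following is an added example, not Trusona's own code; it assumes the metadata follows the standard SAML 2.0 metadata schema and embeds an X.509 certificate, and the sample URLs and certificate bytes are constructed placeholders.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"

# Constructed sample metadata: the URLs and the certificate bytes are placeholders.
SAMPLE_CERT_DER = b"constructed placeholder, not a real certificate"
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="https://idp.example.com/saml/metadata">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{base64.b64encode(SAMPLE_CERT_DER).decode()}</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Binding="{REDIRECT}" Location="https://idp.example.com/saml/redirect"/>
    <md:SingleSignOnService Binding="{POST}" Location="https://idp.example.com/saml/post"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>""".encode()


def read_idp_metadata(xml_bytes):
    """Return Entity ID, SSO URL, binding and SHA-256 of the first embedded certificate."""
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("metadata must not contain a DTD")
    root = ET.fromstring(xml_bytes)
    if root.tag != f"{{{NS['md']}}}EntityDescriptor":
        raise ValueError("root element is not md:EntityDescriptor")
    sso = {e.get("Binding"): e.get("Location")
           for e in root.findall("md:IDPSSODescriptor/md:SingleSignOnService", NS)}
    # Prefer HTTP-POST as the guide recommends, fall back to HTTP-Redirect.
    binding = POST if POST in sso else REDIRECT if REDIRECT in sso else None
    if binding is None:
        raise ValueError("no HTTP-POST or HTTP-Redirect SingleSignOnService")
    if not sso[binding].startswith("https://"):
        raise ValueError("SSO URL is not https")
    cert = root.find("md:IDPSSODescriptor/md:KeyDescriptor//ds:X509Certificate", NS)
    if cert is None or not (cert.text or "").strip():
        raise ValueError("no certificate in metadata")
    der = base64.b64decode("".join(cert.text.split()))
    return {"entity_id": root.get("entityID"), "sso_url": sso[binding],
            "binding": binding, "cert_sha256": hashlib.sha256(der).hexdigest()}


if __name__ == "__main__":
    print(read_idp_metadata(SAMPLE_METADATA))
```

The `cert_sha256` value can be compared with the SHA-256 fingerprint of the certificate downloaded from the dashboard before it is uploaded to the Service Provider.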

Here is an example SAML Response

