Setting up Single Sign On with SAML 2.0 involves two steps:
1) Enter your metadata into your Identity Provider as a new enterprise application connection
2) Share your metadata certificate with us
Once these steps are complete and both parties have configured connections, contact support to provision a test user and try the sign-on challenge end to end.
Note: We support staging environments for testing. Please contact email@example.com for more information.
Create a new enterprise application connection
Our metadata and entity ID are the same string: https://api.togetherplatform.com/mentoring/authorize/saml/metadata.xml
Most identity provider clients should parse this xml file and fill out most of the configuration for you. If not, ensure the EntityID is the URL above, and that our certificate is entered.
The NameID assertion format in your configuration should be employee ID when possible. For user attributes, include email address.
If employee ID as the NameID is not possible, use the email address of the user.
Share your metadata and certificates with us
We need your single sign-on login URL, logout URL, and certificate. Please send these to firstname.lastname@example.org.