SSO (Single Sign-On) authentication allows your team members to securely log into the Swivl Capture app or Reflectivity web platform with ease and simplicity. It is possible to both sign in and sign up using SSO. Teachers, coaches, and students use their institutional login and password to access their Reflectivity team account. It is a time-saving, convenient, and secure process of logging in and using Reflectivity solution.
Make sure to use SSO sign in at https://cloud.swivl.com/sso/login or in our Swivl Capture or Reflectivity apps.
What needs to be configured on your side
Create a new Service Provider profile with the following settings:
- Service Provider Name: Swivl Cloud
- Entity ID: https://cloud.swivl.com/sso
- Metadata: http://cloud.swivl.com/sso/metadata.xml
- You need to setup the system so that it sends us the following attributes:
- First name
- Last name
- Email address After you do the attributes setup, please send us the names of the attributes (e.g. FirstName/LastName/Email)
Information we need from you as the Identity Provider:
- Identity Provider Name (example: TTU)
- Email domain (example: ttu.edu)
- Entity ID (example: https://idp.shibboleth.ttu.edu/idp/shibboleth)
- URL to metadata.xml (example:https://idp.shibboleth.ttu.edu/idp/shibboleth)
- Names of the attributes (e.g. FirstName/LastName/Email)
- Email this information to your primary Swivl contact or to support@swivl.com
How to test the SSO connection
- Visit page https://cloud.swivl.com/sso/login
- Enter Email address in your domain and press the “Sign in” button
- You should be redirected to your IdP sign in page
- Sign in on IdP using your credentials
- You should then be redirected back to Swivl Teams
- Notify us about successful SSO connection test and we will setup attribute mapping on our side
- Sign in with SSO again and you should see the correct First and Last name
MS Azure SSO integration with Reflectivity (Teams)
-
To configure Azure AD integration, you must be an administrator in Azure and have the Admin account (not Co-Admin) in AlertSite.
To create an application in Azure AD, follow the next steps:
1. Log in to the your Azure portal as an administrator: https://portal.azure.com/
2. Go to Azure Active Directory:
3. Select Enterprise Applications:
4. Click New application.
5. On the Add an application page, choose Non-gallery application.
6. In the Name field enter Swivl Teams. Click Add or Create.
7. Select Single sign on and select SAML.
8. On the Single sign-on page, click the edit button at the top right of the Basic SAML Configuration section.
9. Under basic SAML configuration section, perform the following steps:
- Identifier (Entity ID): https://cloud.swivl.com/sso
- Reply URL (Assertion Consumer Service URL): https://cloud.swivl.com/sso/login_check
- Sign on URL: blank
- Relay State: blank
- Logout URL: blank
10. Click the edit button next to User Attributes & Claims and configure the Claims for the application:
11. Check and update the Claims if needed:
givenname
- Name: givenname
- Namespace: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
- Source attribute: user.givenname
surname
- Name: surname
- Namespace: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
- Source attribute: user.surname
email address
- Name: email address
- Namespace: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
- Source attribute: user.mail
12. Download the Federation Metadata XML file and keep it handy. You'll need this in the next step.
Setup SSO connection with Swivl Platform
Information we need from you as the Identity Provider:
- Identity Provider Name (example: TTU)
- Email domain (example: ttu.edu)
-
Send us URL to metadata.xml file downloaded on the step 12(example: https://idp.shibboleth.ttu.edu/idp/shibboleth)
- Email this information to your primary Swivl contact or to support@swivl.com
How to test the SSO connection:
- Visit page https://cloud.swivl.com/sso/login
- Enter Email address in your domain and press the “Sign in” button
- You should be redirected to your IdP sign in page
- Sign in on IdP using your credentials
- You should then be redirected back to Reflectivity (Teams)
- Notify us about successful SSO connection test and we will setup attribute mapping on our side
- Sign in with SSO again and you should see the correct First and Last name.
OneLogin SSO connection with Reflectivity (Teams)
-
Configure OneLogin
- Log in to the OneLogin Dashboard, and click in the top menu Applications > Add App
- Search for SAML, and select SAML Custom Connector (Advanced)
- Specify Display Name “Teams” and press Save
- Go to the SSO tab and copy the value for Issuer URL
- Go to the Configuration tab, fill the following fields and press Save:
- Audience (EntityID): https://cloud.swivl.com/sso
- Recipient: https://cloud.swivl.com/sso/login_check
- ACS (Consumer) URL Validator: ^https:\/\/cloud\.swivl\.com\/sso\/login_check$
- ACS (Consumer) URL: https://cloud.swivl.com/sso/login_check
- Login URL: https://cloud.swivl.com/sso/login
- SAML initiator: Service Provider
- SAML nameID format: Email
- Go to the Parameters tab:
- Field name: Email
- Include in SAML assertion: yes
- Value: Email
- Field name: First Name
- Include in SAML assertion: yes
- Value: First Name
- Field name: Last Name
- Include in SAML assertion: yes
- Value: Last Name
- press “+” button, fill the following fields and press Save:
- press “+” button, fill the following fields and press Save:
- press “+” button, fill the following fields and press Save:
Email this information to your primary Swivl contact or to support@swivl.com
- Email domain or team name
- SSO provider: OneLogin
- Issuer URL
-
All possible sign in options
Check out other possible sign-in options in this article: What Sign-In Options Do I Have?
Comments
0 comments
Please sign in to leave a comment.