If you are an IDP, you can authenticate your users in MyRepChat (the SP) through SAML. Configuration is managed in your group administrator portal. Once logged in, navigate to your Group Setup page and scroll down to the SAML Identity Provider section.
An email pattern is required. Since all users log in using their email address, when a user's email address matches this pattern, we will use you as the IDP for authentication.
Next you will need to set up the SAML configuration. This can be done in one of three ways: explicitly, through your metadata URL, or by providing your metadata directly.
When setting up an explicit configuration, you will need to provide your SSO URL, the Issuer, and your certificate.
When setting up a metadata URL, type in the URL that our server can use to access your metadata. Note that using a metadata URL is the preferred method because this allows us to automatically update to any changes in your metadata.
When providing metadata, paste your metadata into the provided field.
Click save when finished. After you have clicked save, our servers will immediately begin using you as the IDP for all users with an email address that ends with the pattern you provided, and your custom service provider URL will be displayed.
On incoming SAML authentication responses, only the Email assertion is required in order to log in a user. Optionally, you can specify TokenExpiration if the 10-second timeout is not long enough. If an account is not found using the provided email address, and CreateNew is not provided or is false, the login will fail.
As you will notice in the metadata response, you can create new MyRepChat accounts through SAML. In order to do this, the SAML response you send to us will need to have the following assertions:
- First - User first name
- Last - User last name
- Email - User email address
- Name - Account name
- TokenExpiration - (Optional) TTL in seconds for token (default=10)
- Address1 - Account address line 1
- Address2 - Account address line 2
- City - Account city
- State - Account state
- Zip - Account zip code
- Country - Account country (ISO country code, e.g. US)
- Timezone - Account timezone (e.g. America/Chicago)
- CreateNew - Create account if it doesn't exist (true/false)
After the account has been created, you will receive an email notifying you of the new account, and the user will be placed in the new account and will be presented with a wizard where they can choose their new MyRepChat number.
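An IDP-side pre-flight check for the attribute rules above, followed by the matching SAML 2.0 AttributeStatement, as an added example that is not MyRepChat's own code. It assumes every listed attribute except TokenExpiration is required when CreateNew is true, that the email pattern is compared case-insensitively, and that plain string attribute values are accepted; the function names and the sample user are hypothetical.

```python
import xml.etree.ElementTree as ET

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
# Attribute names as listed on this page. Assumption: all of them are
# required for account creation, since only TokenExpiration is marked optional.
CREATE_FIELDS = ["First", "Last", "Email", "Name", "Address1", "Address2",
                 "City", "State", "Zip", "Country", "Timezone"]
DEFAULT_TTL = 10  # seconds, the default stated on this page


def check_attributes(attrs, email_pattern):
    """Return a list of problems; an empty list means the set is ready to send."""
    problems = []
    email = attrs.get("Email", "")
    if not email:
        problems.append("Email is required for every login")
    elif not email.lower().endswith(email_pattern.lower()):  # assumed case-insensitive
        problems.append("Email does not end with the configured pattern")
    if attrs.get("CreateNew", "false").lower() == "true":
        for name in CREATE_FIELDS:
            if not attrs.get(name):
                problems.append(f"CreateNew=true but {name} is missing")
    ttl = attrs.get("TokenExpiration", str(DEFAULT_TTL))
    if not ttl.isdigit() or int(ttl) <= 0:
        problems.append("TokenExpiration must be a positive number of seconds")
    return problems


def build_attribute_statement(attrs):
    """Serialize attrs as an unsigned SAML 2.0 AttributeStatement element."""
    ET.register_namespace("saml", SAML_NS)
    stmt = ET.Element(f"{{{SAML_NS}}}AttributeStatement")
    for name, value in attrs.items():
        attr = ET.SubElement(stmt, f"{{{SAML_NS}}}Attribute", Name=name)
        ET.SubElement(attr, f"{{{SAML_NS}}}AttributeValue").text = value
    return ET.tostring(stmt, encoding="unicode")


# Constructed sample user, not real data.
sample = {"Email": "pat@example.com", "First": "Pat", "Last": "Lee",
          "Name": "Example Advisors", "Address1": "1 Main St",
          "Address2": "Suite 2", "City": "Chicago", "State": "IL", "Zip": "60601",
          "Country": "US", "Timezone": "America/Chicago", "CreateNew": "true"}

if __name__ == "__main__":
    issues = check_attributes(sample, "@example.com")
    print(issues or build_attribute_statement(sample))
```

Running the check in the IDP's attribute-release pipeline catches a CreateNew=true that was mapped by mistake before it reaches the SP, where it would create an account.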