Please enable JS

Integrate SAML Single Sign-on Settings

November 11, 2019

Prolaborate enables access to Enterprise Architect models through SAML Single Sign-On capability.

While this integration should work with any identity provider, the tested ones are

  1. Azure Active Directory (Learn how to configure here)
  2. Microsoft Active Directory Federation Services
  3. Okta (Learn how to configure here)
  4. Mini Orange
  5. Oracle Identity Cloud Service (Learn how to configure here)
  6. IBM Security Access Manager
  7. Ping Identity (Learn how to configure here)

In this guide, we will learn how to configure SAML Single Sign-On for various providers.

Configure SAML Settings

Click on Menu > SAML Settings to go to the settings page.

First you need to configure Prolaborate’s settings (The service provider), then the Identity Provider, and finally decide what access needs to be given for users logging in through their SSO credentials.

Prerequisite: Your Prolaborate site should have a valid SSL certificate and at least one repository should be added.

Service Provider Configuration

Please configure as below:

Field Description
Name and ACU These fields will be prefilled
Certificate file Choose the .pfx file of your SSL certificate
Certificate password Enter the password of the .pfx file

Identity Provider Configuration

Please configure as below:

Field Description
Identity Provider Select ADFS if you are using it, select Others if you are using any other vendor.
Name and Sign in URL Get this information from your Identity Provider
Certificate File Get this information from your Identity Provider. You need to select a .cer or .cert file.

Default Access Permissions

You can choose any one of the following options:

  1. Give access to all repositories – Any user logging with their SSO credentials will be given access to all repositories by adding them to the Default user group in each repository
  2. Specify access – Any user logging with their SSO credentials will be added to the user groups you have specified after selecting the repositories

Log in with SSO

Once the configuration is done, ensure SSO is enabled.

Your users will start to see a new button on the login page called Login with SSO and they can click on it to login with their SSO credentials.