Prolaborate enables access to Enterprise Architect models through SAML Single Sign-On capability.
While this integration should work with any identity provider, the tested ones are
In this guide, we will see how configure SAML Single Sign-on in general.
Create an Access Control Profile with access to the required repository and user group membership in them where SSO users can directly access the Prolaborate. To know how create Access Control Profile Click here.
On top of the usual setup you do in your SSO app, do the following:
Click on Hamburger Menu > SAML Single Sign On to go to the settings page.
Please configure as below
|Name and ACU||These fields will be Pre-filled|
|Certificate File||Choose the .pfx file of your SSL certificate|
|Certificate Password||Enter the password of the .pfx file|
Please configure as below:
This allows you convert existing system users or AD users to IDP users if they have the same email address
Others – System users to IDP users (Learn more)
Active Directory Federation Services – AD users to IDP users (Learn more)
|Name||Get this information from your Identity provider and paste it here.|
|Sign in URL||Get this information from your Identity Provider and paste it here.|
|Sign Out URL||Get this information from your Identity Provider and paste it here.|
|Certificate||Get this information from your Identity Provider. You need to select a .cer or .cert file.|
Attribute Mapping will be pre-filled with default values in SAML Single Sign-On page and they cannot be edited.
If required, users can change the values by clicking the toggle button from Default to Custom. Then copy the Attributes & Claims values from the SAML Application and paste them in Prolaborate Attributes Mapping.
The following attributes must be created:
The following claims, as applicable, must be configured:
Most modern-day teams prefer to separate user management from individual tools to a central User Management System (IAM). Prolaborate 4.4 makes this easier with the ability to link SAML user group(s) to be directly linked to Role based access in Prolaborate
For SAML based authentication, toggle the SAML Group based Restriction to enable. Choose the required profile and add SAML user group(s).
Configuration is done click "Save"