Search here...
< All Topics

Setting up a SAML Application in Oracle Identity Cloud Service


Your Prolaborate site should have a valid SSL Certificate.

Incase there isn’t a valid SSL certificate, then a self -signed certificate can be created. Please get in touch with the Prolaborate team to know more about it.

Service Provider Configuration

To configure the Service Provider, click on Menu → SAML Single Sign On

From the top of the page, click on Enable.

Under Service Provider Configuration,

Name The name will be prefilled
Assertion Consumer URL Enter a suitable chart nameAssertion Consumer URL will be Prefilled
Certificate File Choose the .pfx file of your SSL certificate
Certificate Password Enter the Password of the .pfx file

Configuring Prolaborate in Oracle

The following sections will elaborate the steps involved in setting up Prolaborate in Oracle.

Create a new SAML Application

To create a SAML application, please follow the below steps:

Log in the Oracle account as a user and Click on Menu.

Select Identity & Security and then choose Federation.

Click Federation Name from the list.

Click Oracle Identity Cloud Service Console URL in the page.

User will be redirected to the Admin console page. Now Click Add icon in the Applications and Services Tab

Click SAML Applications from the Add Applications pop-up

User will be redirected to the Applications details page.

Fill the following details and Add SAMl Applications

Field Description
Name Enter your Application Name (for eg. Prolaborate).
Description Enter fewer characters to describe your Prolaborate
Icon Click Upload to add an icon for your Prolaborate application
Application URL / Relay State field (leave this field blank)

Click Add to add App Links that are associated with the application. The Link window will appear.

Fill the following details in the given fields.

Name Enter the App Link name
Link/Relay State Enter the URL used to access the application.
(Copy Assertion Consumer URL (ACU) from Prolaborate Application and paste it into the Link/Relay field)
Application Icon Add an icon for your Prolaborate application.

Click Add button.

Custom Login URL leave this field blank
Custom Error URL leave this field blank
Linking callback leave this field blank

In the Display Settings section, enable User can request access and click Next at the top right side of the page.

SSO Configuration

Click on SSO Configuration Tab to define SSO attributes.

In Step 1, General section of the SSO Configuration

In the General section of the SSO Configuration page, define the following:

Field Description
Entity ID Copy Assertion Consumer URL fields from Prolaborate Service Provider and paste it in Entity ID field.
NameID Format Select the type of format to use Email address. The service provider and the identity provider use this format to easily identify a subject during their communication.
NameID Value Select the NameID Value as Primary Email to identify the user that is logged in.
Signing Certificate Upload the .cer certificate file that is used to encrypt the SAML assertion.

Advanced Settings in SSO Configuration: 

In the Advanced Settings of the SSO Configuration page, define the following:

Field Description
Signed SSO Selectem Assertion and Response option from drop down list at Signed SSO field and Enable Include Signing Certificate in Signature.
Enable Single Logout Select to configure SAML single logout. Single logout enables a user to log out of all participating sites in a federated session almost simultaneously. This check box is selected by default.
Logout binding Select log out request is sent as POST (transported in HTML form-control content, which uses a base-64 format). This list box appears only if you select the Enable Single Logout check box.
Single Logout URL Open the Identity Provider Metadata Xml file to copy the Single Logout Service URL with SP configuration like below image.
Logout Response URL Copy Sign Out URL – Log out Prolaborate when you log out of SSO URL from Prolaborate Service Provider and paste it in Logout Response URL

Attribute Configuration

Expand Attribute Configuration on the SSO Configuration page to add user-specific and group-specific attributes to the SAML assertion. Click on plus(+) symbol to add the attributes.

Attribute Name Value
firstname First Name
lastname Last Name
username User Name
email Primary Email

To configure SAML user group in the Prolaborate Application, please choose relevant value from the dropdown and copy the claim from the page and then paste it in Prolaborate Attribute mapping field.

Enter the Attribute Configuration details and Click Save.

Download the certificate file.

Click Activate to activate the Prolaborate application.

In Activate Application window appear and click Activate Application.

Assign Users to the Application

Click Assign Users button.

Select the users to whom to give access to Prolaborate and Click Ok.

The users whom we have selected will now show up in Users tab.

Identity Provider Configuration in Prolaborate

Fill the Identity Provider Configuration as per the instructions below:

Field Details
Name Identity Provider Entity id availed from from Identity Provider Metadata Xml.
Sign In URL Sign in using the SAML application link address at Oracle as per the instructions belowOpen Prolaborate application in an Oracle user account and copy the application link address, then paste to Sign in URL field in your Prolaborate Identity provider configuration.Click on My Apps to log in your Oracle account as a user with User Sign in URL.

Click on Add

Select Application and Click on Add (+) symbol to your Prolaborate application

Give justification as Prolaborate and click on OK.

Copy your Prolaborate application link address.

Paste the URL to Identity Provider Configuration Sign in URL field of your Prolaborate Identity Provider configuration.

Field Details
Sign Out URL – Log out SSO when you log out of Prolaborate (Optional) Fill Sign Out URL using Identity Provider Single Logout Service availed from from Identity Provider Metadata Xml file (Refer to section SSO Configuration tab).
Field Details
Certificate File Choose the converted .cer Certificate file from Oracle Configuration

Enter the Identity Configuration fields in your Prolaborate SAML Settings and Click on Save.

Log in with Oracle Credentials

Once the configuration is done, your users will start to see a new button on the login page called Login with SSO

When they click on Login with SSO, they will be redirected to an URL as per configuration. They can then give their Oracle credentials to login to Prolaborate.

You will be redirected to Prolaborate successfully if the configuration is done right as per the instructions in the document.

If you’re experiencing challenges signing in using SSO, go at SAML Assertion Validation to debug the SAML configurations.

The Repositories you see will be based on Default Access Control Profile.

Configure Default Access Control Profile in Prolaborate

Access Control Profiles let you define repository access rules and default user group membership for users added via SSO or Sign up. Click here to know more.

To create an Access Control Profile, click on Menu > Access Control Profiles under portal settings.

Access Control Profiles lists profiles which are created earlier.

To create a new profile, click on Create Profile to create a profile


When you click on Create Profile you will land on the below page.

Name Give a suitable name for the profile
Include All Repositories Choosing this will allow users who are logging in through SSO or Sign up get access to all the repositories
Choose Specific Repositories This feature lets one the Repository and the corresponding User Group Membership. In addition, the user who is logging in through SSO or Sign will get access based on the user groups they are added to.

Now click on Save.

Now, go back to the SAML Settings page.

Select the newly created profile and click Save.

Logging out from Prolaborate

When a user initiates a logout, the user will be logged out from all applications in the current Identity provider login session.


Start Here
Book a Demo