Skip to main content

Configuring SAML Authentication

Once the application is added to the list of service providers authenticated through SAML, you should enable SSO on the application to complete the configuration. You can enable this feature in the application upon adding certain other information obtained out of the metadata downloaded or extracted from the IdP. To configure SAML authentication in Facilio,

  1. Click SETUP NOW in the SSO setup screen. The CONFIGURE SAML page appears as shown below.

  2. Update the following fields in this screen using the details captured from the IdP:

    • Login URL - The URL to which the users are redirected for authentication when they try to sign in to the application.

      Note: It is the Location attribute value in the SingleSignOnService tag.
    • SAML Certificate - The certificate that contains the public key that is used to verify whether the SAML response is from the IdP, when the users try to sign in to the application.

      Note: It is the public key in the X509Certificate tag. The certificate format is as follows:

      -----BEGIN CERTIFICATE----- <(Public Key)> -----END CERTIFICATE-------

    • Logout URL - The URL to which the sign out request is sent when the users sign out of the application.

      Note: It is the Location attribute value in the SingleLogoutService tag. This field is optional. This field must be updated only if you want the IdP session to be logged out, when the user logs out of the application.
  3. Click SAVE. The SAML authentication is successfully configured for the application.

A sample metadata file from the IdP with SAML configuration details is shown in the screenshot below.