SSO FAQ

Where Do I Find The…?

Where do I find the:

  • EntityID or Identifier:
    • There are two possibilities, based on the Combined Issuer checkbox in Login Settings Customization:
      • Enabled (preferred option):  The authentication request Issuer will be https://idp-{region}.plutora.com. Having this setting enabled allows for cross-site (in other words, Plutora and Plutora Test) login using the same SSO setup.
      • Disabled (default option): Then the authentication request Issuer will be https://{subdomain}.plutora.com.
  • Endpoint or AssertionConsumerService location:
    • There are two possibilities, based on the Combined Issuer checkbox in Login Settings Customization:
      • Enabled: Will be https://idp-{region}.plutora.com/api/Login/ExternalLoginResponse if Combined Issuer checkbox in Login Settings is enabled
      • Disabled: Otherwise, it remains as https://{subdomain}.plutora.com.
  • SAML Binding:
    • The SAML Authentication Response is to be sent as a POST.
  • Signing certificate (if required):
    • There is a link on the Login Settings page to download the public certificate.
It is likely that you will need the request sent as a POST. Plutora’s systems will use a GET request (if the request is not signed) and a POST (if it is).

 

Do You Support…?

Do you support:

  • Role assertions: Due April 2020.
  • JIT: Plutora does not support JIT.
  • SCIM provisioning:
    • Users can be automatically created, and it will be possible to have SSO control of roles and permissions by April 2020, but the decommissioning of users is not yet possible.
    • Decommissioning inactive users after a set time period is a planned feature.

Back to the top arrow

Be the first to find out about new features. Subscribe to the Release Notes email. Subscribe Now
Updated on March 31, 2020

Related Articles