SSO FAQ

Where Do I Find The…?

Where do I find the:

  • EntityID or Identifier:
    • There are two possibilities, based on the Combined Issuer checkbox in Login Settings Customization:
      • Enabled (preferred option):  The authentication request Issuer will be https://idp-{region}.plutora.com. Having this setting enabled allows for cross-site (in other words, Plutora and Plutora Test) login using the same SSO setup.
      • Disabled (default option): Then the authentication request Issuer will be https://{subdomain}.plutora.com.
  • Endpoint or AssertionConsumerService location:
    • There are two possibilities, based on the Combined Issuer checkbox in Login Settings Customization:
      • Enabled: Will be https://idp-{region}.plutora.com/api/Login/ExternalLoginResponse if Combined Issuer checkbox in Login Settings is enabled
      • Disabled: Otherwise, it remains as https://{subdomain}.plutora.com.
  • SAML Binding:
    • The SAML Authentication Response is to be sent as a POST.
  • Signing certificate (if required):
    • There is a link on the Login Settings page to download the public certificate.
It is likely that you will need the request sent as a POST. Plutora’s systems will use a GET request (if the request is not signed) and a POST (if it is).

 

Do You Support…?

Do you support:

  • Role assertions: Due April 2020.
  • JIT: Plutora does not support JIT.
  • SCIM provisioning:
    • Users can be automatically created, and it will be possible to have SSO control of roles and permissions by April 2020, but the decommissioning of users is not yet possible.
    • Decommissioning inactive users after a set time period is a planned feature.

Back to the top arrow

Be the first to find out about new features. Subscribe to the Release Notes email. Subscribe Now
0 found this helpful.