SAML-based Auth

Hi Rees,

Our support team has a fantastic, step-by-step knowledge article demonstrating how to integrate Azure Active Directory SSO (based on SAML) with OneSpan Sign.

In a nutshell, the configurations include below distinct steps:
(1)have an account with your IDP provider

(2)Create a SAML Configuration, where you may be required to fill in these parameters "Identifier (Entity ID)", "Reply URL", "Sign-on URL", etc. This article has very detailed explanation with regards to the definition of these terminologies, where to find them and whether it's mandatory depending on whether you have a SP or IDP initiated workflow.

(3)Configure user attributes so that your IDP will at least pass first/last name + email to OneSpan Sign, and these three attributes coming from Active Directory will be checked against the OneSpan Sign sender profile (or signer information in package JSON if signer SSO)

(4)send the Federation Metadata XML downloaded from your IDP site to OneSpan Sign support and we will finish the configurations on our side in short time.

Duo

Thanks Duo - 

Looks like this doc has everything we need for an IDP config. Assuming your SAML connector support any IDP not just AAD?

Hi Rees,

Yes, OneSpan Sign SAML server also supports other third-party SSO providers, not limited to Azure.

Duo