Security Assertion Markup Language (SAML)
To set up a SAML integration, you will need to send the following to your customer success manager:
- Sign in URL
- X509 Signing Certificate
We will set up the SSO for you using this information. You may need a callback URL when configuring the SSO on your side, this is different depending on the environment:
- If you are integrating with a sandbox DataGuard CPM tenant then use this URL:
https://sandbox-consentric.eu.auth0.com/login/callback
- If you are integrating with a production DataGuard CPM tenant in the UK then use this URL:
https://consentric.eu.auth0.com/login/callback
- If you are integrating with a production DataGuard CPM tenant in the EU then use this URL:
https://dgconsentde.eu.auth0.com/login/callback
Authorisation
Once the SSO has been set up, you will need to provide a custom SAML attribute to authorise your users. The key of the attribute should be ssoConsentricOptions
, and the value should be stringified JSON with the following format:
{
"<your-application-id>": {
"roles": "PERMISSIONS_AGENT PERMISSIONS_ADMIN"
}
}
The roles permit users to do different things in the UI:
PERMISSIONS_AGENT
: Allows the user to see information about any citizen stored in the CPM instance.PERMISSIONS_ADMIN
: Allows the user to configure the CPM instance.
Updated 3 months ago