Overview
SAML is a method used for SSO (Single Sign-on), this means that a 3rd party Identity Provider handles authentication and verification.
Essentially, when a user clicks on the desired SAML icon on the login page they are directed to the Identity Provider (IdP) where they login. After successfully logging in at the IdP, the user is then re-directed back to Compass and logged in.
Notes:
When setting up SAML, schools choose which value their SAML service is tied to. These can be SussiID, Government Number, Email or Identity Management Identifier. All users need this individual value to only be entered on the single account that they are using SAML to log into.
Since Compass re-directs to the SSO provider, all passwords for SAML services are managed by the SAML host/Tennant/SSO service.
SAML works alongside other auth methods, it does not interfere with other auth methods.
Types of SSO/SAML
TYPE of SSO | CAN BE USED BY | PROVIDERS | NOTES |
SAML
| Staff, Students |
| Northern Territory: Users need to have their LDAP username set to their SAML username, in which their email address will need to be the same.
CEnet: Ceider code needs to match, along with their LDAP usernames |
Google SSO | Staff, Students | N/A | N/A |
Guides: