Service Provider (SP) Initiated SAML Authentication Flow
SqlDBM offers Service Provider (SP) Initiated SAML Authentication for a variety of Identity Providers (IdPs). The diagram below illustrates the request workflow.
SSO Setup
Using the table below, find the values appropriate to your IdP:
| Entity ID | Reply URL | Logout URL | SP Metadata |
Secure Ark | ||||
Ping Federate | ||||
Forge Rock | ||||
Webseal | ||||
Cyber Ark |
You can leave the following fields blank
Sign on URL: leave blank
Relay state: leave blank
Setup Claims:
Email
This should correspond to the user’s email address
Claim type should match either of the following (case sensitive)
Emailhttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
Name
This will populate the users display name in SqlDBM
Claim type should match (case sensitive)
Name
Submit a Request to Enable SSO
Once your team has completed the setup steps mentioned above, please visit the support portal at support.sqldbm.com and open a support ticket with the following information
App Federation Metadata Url
What to expect once you have submitted a ticket:
The support team will review the information shared
Once the information is verified, your SSO will be enabled on the following Tuesday or Thursday
After Enabling SSO
For new users
Sign up with a username and password
Log in using your username and password
Accept the invitation to join your organization by clicking the link in your invitation email.
Visit your subscription page to confirm that you accepted the invitation
Your account will now be linked to the subscription
Log out and continue to the next section
For existing subscription users
Log in using SSO by selecting the appropriate IdP from the options provided
To access SSO, use the icons on the Sign-In page. If your provider isn’t listed, click the three dots to find the correct IdP.