Glyue User Docs
  • What is Glyue?
  • Tutorials
    • Start Here
    • Building a Single-Step Integration
      • 1. Creating the Integration
      • 2. Calling the External System
      • 3. Running the Integration
      • 4. Crafting the Output
    • Building a Multi-System Integration
      • 1. Connecting to the Core
      • 2. Field Mapping
      • 3. Running the Integration
    • Building an Event-Driven Integration
      • 1. Setting up the Mock CRM
      • 2. Receiving Inbound Requests
      • 3. Triggering the Integration from the CRM
    • Building an Email Integration
      • 1. Create and Configure the Integration
      • 2. Input Validation
      • 3. Get Story IDs from Hacker News
      • 4. Get Story Content
      • 5. Sending the Email
      • 6. Wrapping Up
      • 7. Extra credit
        • extra_credit.json
    • Building a RESTful CRUD Web Service
      • 1. Integration Setup
      • 2. Vault Setup
      • 3. Create Web Service Endpoints
      • 4. Execute Web Service Endpoints with Vault Methods
      • 5. Vault Code Examples and Explanation
    • Building a Retrieval API against FIS CodeConnect
      • 1. Integration Setup
      • 2. Service Request Setup
      • 3. Field Mapping Setup
      • 4. Integration and Service Request Hook Setup
      • 5. Testing the Integration
      • 6. Common Errors
    • What is Pre-Mapping?
      • Before you start
      • Bookmarks
      • Source and Targets
      • Field Mapping Status
      • Field Mapping Comments
      • Summary
  • How-To Guides
    • How to Run an Integration from Glyue
    • How to Invite New Users
    • How to Create a Value Mapping Set
    • How to Build and Deploy a Custom Frontend
    • How to Migrate an Integration
    • How to Set Up Single Sign On (SSO)
      • Glyue Setup
      • JumpCloud Setup
      • Azure Setup
      • Okta Setup
      • Glyue SAML Config Reference
    • How to Install the Glyue App for Zoom Contact Center
    • How to use the Vault
  • Reference
    • Integration Builder Page
    • Integration Anatomy
    • Integration Components
      • Integration
      • Service Request
      • Field Mapping
      • Value Mapping Set
      • Value Mapping
      • Validation Rule
      • Mask
      • Integration Config
      • Integration Engine Versions
    • Integration Lifecycle
    • Special Functions
      • add_run_label
      • callint
      • debug
      • end
      • get_namespace
      • humanize
      • import_helper
      • keep
      • list_files
      • map_value
      • open_glyuefile
      • open_vault
      • Data Manipulation Utilities
      • calladapter
    • Special Variables
      • __adapter_config__
      • input
      • parentint
      • retvalue
      • run_history_id
      • Iterables
        • fitem/fidx
        • sritem/sridx
        • vritem/vridx/vrmsg
    • Adapters
      • Generic HTTP Adapter
      • Email SMTP Adapter
    • Web Service Endpoints
    • Vault Reference
  • Glyue Platform Reference
    • Banking Core Connectivity Guide
    • Authentication
    • Permissions
      • Service Accounts
      • Organizations
    • Frontends
    • Idempotency Layer
    • Integration Scheduler
    • Governance Reports
    • Arbitrary Integration Request Content Support
    • Admin Components
    • Logging
  • ETL
    • Glyue ETL Overview
    • Data Connectors
    • Workflows
    • Run History
    • Scheduler
Powered by GitBook
On this page

Was this helpful?

  1. How-To Guides
  2. How to Set Up Single Sign On (SSO)

Glyue SAML Config Reference

While the default SAML config settings will suffice for most use cases, changes may be necessary depending on the IdP and/or customer’s requirements.

If changes are made to an existing SAML Config, Glyue’s SAML metadata will change. All connected IdPs will need the updated metadata.

All SAML Config options

Attribute map

default: {"email": "email"}

A mapping table (in the format of a JSON object) that maps IdP user attributes (keys) to Glyue user attributes (values). If the name of the attribute for the user’s email address in the IdP is something other than email (such as emailAddress), this JSON object should be extended to include that mapping:

{
  "email": "email",
  "emailAddress": "email"
}

The user email address in Glyue is simply called email.

Some IdPs allow for mapping user attributes on their end as well.

Be sure to add the new attribute name to Required attributes.

Http client timeout

default: 10

Seconds to wait for a response from an IdP before giving up.

Logout http binding

default: REDIRECT

How Glyue should send logout requests to the IdP (user wants to logout of Glyue and their IdP). This is usually disabled by the IdP by default and is also not commonly used.

Cert file

Optional. A custom certificate and public key for Glyue to use for SAML communication.

Key file

Optional. The private key corresponding to the above cert.

By default, Glyue uses HTTPS and requires that IdPs sign their SAML assertions, and this is generally considered to be plenty secure. A key/cert pair is only needed if additional security, on top of https and SAML signature verification, is desired.

Required attributes

default: email

A comma-separated list of user attributes Glyue will require from the IdP. If a custom user attribute is added to the Attribute map it should also be added here.

Want assertions or response signed

default: True

Glyue will accept as valid all SAML assertions (login response) from trusted IdPs as long as either the assertion or the outer response containing it, is signed. This is considered secure in SAML standards and should suffice for most cases. If set to True, this overrides the next two settings.

Want assertions signed

default: False

Glyue will require SAML assertions to be signed. Automatically set to False if Want assertions or response signed is True.

Want response signed

default: False

Glyue will require the outer SAML response to be signed. Automatically set to False if Want assertions or response signed is True.

Authn requests signed

default: False

Glyue will sign its login requests to the IdP, using the cert/key pair. Generally not required.

Force authn

default: False

Requires IdP to authenticate the user directly rather than rely on a previous security context.

PreviousOkta SetupNextHow to Install the Glyue App for Zoom Contact Center

Last updated 1 year ago

Was this helpful?