/
Configuring SAML SSO for ggLeap

Configuring SAML SSO for ggLeap

Configuring SAML SSO for ggLeap

This article outlines the steps to configure SAML Single Sign-On (SSO) for ggLeap, allowing users to log in using their existing credentials from a SAML Identity Provider (IdP).

Prerequisites:

  • You have access to the ggLeap Admin portal.

  • You have a SAML IdP configured (e.g., Shibboleth, Azure AD, Google Workspace).

  • You have the Metadata URL for your SAML IdP.

Steps:

  1. Navigate to the Add-ons Page:

    • Log in to your ggLeap Admin portal.

    • Go to Settings > Add-ons

  2. Access the SAML SSO Add-on:

    • Locate and click on the Saml SSO add-on.

image-20250310-183816.png

  1. Configure InCommon Federation Participant (if applicable):

    • If the toggle switch labeled "YOUR INSTITUTION is an Incommon Federation Participant" is enabled, turn it off unless you are an Incommon Federation Participant.

image-20250310-184007.png
Configure InCommon Federation Participation

  1. Enter your IdP Metadata URL:

    • In the field that was previously labeled "InCommon Entity ID", enter the Metadata URL for your SAML Identity Provider.

image-20250310-184042.png
Metadata URL

  1. Enter SSO Configuration ID (if required):

    • If your setup requires a specific SSO Configuration ID (e.g., for multi-tenant Azure AD configurations), enter it in the "SSO Configuration ID" field.

    • Note: For most standard setups, this field can be left blank.

image-20250310-184100.png
SSO Configuration ID

  1. Save your settings:

    • Click the Save button.

On your Identity Provider (IdP):

  • You will need to configure your SAML IdP to trust ggLeap as a Service Provider (SP).

  • Use the following Metadata URL for ggLeap:

    https://sp.ggleap.com

Important Considerations:

  • Metadata URL: Ensure you are using the correct Metadata URL from your IdP. This is crucial for establishing the trust relationship.

  • SSO Configuration ID: Only use this if you have a specific requirement, such as multi-tenant setups. Consult your IT department or ggLeap support if you are unsure.

  • IdP Configuration: The specific configuration steps on your IdP will vary depending on the platform you are using. Refer to your IdP's documentation for detailed instructions.

  • Testing: After configuring both ggLeap and your IdP, use the "Test Connection" button in the ggLeap SAML SSO settings to verify the connection.