Providing and Obtaining Single Sign-On Information
Based on your Central license settings, you need to provide some sign-on (SSO) information to your IT department, or whoever is in charge of your company's identity provider (IdP) settings. In turn, your IT department should then provide you with some SSO details, which you will then plug into Central.
Note Also, depending on your IdP, you (or your IT department) might need to use certain claim attributes and formats when configuring SSO with Central. See Claim Attributes and Formats for Single Sign-On.
[Menu Proxy — Headings — Online — Depth3 ]
How to Provide and Obtain SSO Information
-
In the upper-right of Central, click your license avatar (or the first letter of your license if you haven't yet chosen an avatar image) and select License Settings.
-
On the left side of the dialog, click Settings, and make note of your Vanity.
-
Provide your IT department with the following information, substituting the bracket text with your vanity (or host mapped domain in the final case). Ask IT to enter this information into the IdP and then in turn provide you with the appropriate information mentioned in the next set of steps (see SAML Authentication Settings).
The IT department also needs to add an application in the IdP for your purposes, associating users with that application.
Note Use the following URLs with your vanity, even if you are mapping to a host domain (via CNAME) on the Sites page. The only case where you would include the host mapped domain is the SAML Endpoint URL for CNAME Sites.
Note Keep in mind that different terminology might be used by your company's IdP.
-
Login URL
Copyhttps://[vanity].madcapcentral.com
Example If your vanity is fictionsoftinc, the URL would be:
Copyhttps://fictionsoftinc.madcapcentral.com
-
SAML Endpoint for Portal
United States server:
Copyhttps://[vanity].api.madcapcentral.com/api/users/SamlLoginSucceeded
Example If your vanity is fictionsoftinc on the United States server, the URL would be:
Copyhttps://fictionsoftinc.api.madcapcentral.com/api/users/SamlLoginSucceeded
European server:
Copyhttps://[vanity].api.eugwc.madcapcentral.com/api/users/SamlLoginSucceeded
-
SAML Endpoint for Sites
United States server:
Copyhttps://[vanity].mcoutput.com/api/users/SamlLoginSucceeded
Example If your vanity is fictionsoftinc, the URL would be:
Copyhttps://fictionsoftinc.mcoutput.com/api/users/SamlLoginSucceeded
European server:
Copyhttps://[vanity].mcoutputeu.com/api/users/SamlLoginSucceeded
-
(Optional) Single Log Out (SLO)
Use the same URL as your login, so that people are redirected to it when they log out.
Copyhttps://[vanity].madcapcentral.com
Example If your vanity is fictionsoftinc, the URL would be:
Copyhttps://fictionsoftinc.madcapcentral.com
Note The SLO option is supported only by some IdPs, specifically those that only use the usernameID in the call to the endpoints. Check with your IT department to see if your IdP supports SLO.
Note This setting also allows Central users to enable an option to control how they log out (see Providing and Obtaining Single Sign-On Information). When logging out, it can mean that they are only signed out of the Central license, or it can mean that they are also signed out of the IdP.
-
(Optional) SAML Endpoint URL for CNAME Sites
Copyhttps://[host mapped domain]/api/users/SamlLoginSucceeded
Example If your host mapped domain is help.fictionsoftinc.com, the URL would be:
Copyhttps://help.fictionsoftinc.com/api/users/SamlLoginSucceeded
Note This information is optional. If you are not mapping to a host domain on the Sites page, you do not need to provide this information to your IT department.
-
What’s Next?
After you obtain the necessary information from the IdP, you need to enable SSO and add the details into Central. See Setting Up Single Sign-On Authentication on a License.