Organizations grow and change daily. Your employees get married, change names, get new job titles, and update email addresses. New employees may be hired and current employees may leave or be let go.
When these changes happen, administrators at your organization need to update these accounts in every system that they appear. For larger organizations it can be an administrative burden, especially if you have hundreds of employees with dozens of required accounts.
If your organization has an identity provider (such as Active Directory), you can integrate with CollaborNation so you only need to update employee accounts in your directory service, then the changes will be reflected in CollaborNation.
Also by integrating, your employees won't need to enter or remember an email/password combination to log into CollaborNation. Once they log into their identity provider, they will automatically be logged into CollaborNation as well.
CollaborNation offers single sign-on (SSO) via SAML 2.0.
If you're interested in integrating, please contact us. We start with a discovery meeting to make sure integrating will work for your organization. We'll provide guidance and suggestions on ways that may work best.
We recommend speaking to your organization's IT team to determine their recommended approach to integrate within your organization. Each organization may handle their directory services different, and your IT team will know best. We also strongly suggest to include them in the discovery meeting with us.
Once agreed upon, some details will need to be shared to establish the integration.
To integrate, we will need the following fields:
|IdP Entity ID||A globally unique name for an Identity or Service Provider.|
For Active Directory, this is often, but not always http://[DOMAIN.COM]/adfs/services/trust
|Single Sign On Service URL||The URL target of the IdP where the Service Provider will send the Authentication Request. If your IdP has multiple URL targets, the one that uses the HTTP Redirect Binding should be used here. ("SAML 2.0 Endpoint (HTTP)")|
For Active Directory, this is often but not always: https://[DOMAIN.COM]/adfs/ls
|X.509 Certificate||A digital certificate that verifies that a public key belongs to the service identity contained within the certificate.|
Many of these fields can be found in the FederationMetadata.xml file, which if provided would be helpful.
Then we need the following attributes mapped, all case-sensitive:
|Provide the name of the field containing the email address of the employee.|
|First Name||The first name field can be named any of the following:|
|Last Name||The last name attribute can be named any of the following:|
|Ident||Each site in CollaborNation is given a unique ID by which to direct the accounts into the appropriate site. This is found in the site's URL: https://collabornation.net/login/IDENT|
The Ident will be provided by us. Your organization will need to configure a SAML attribute that has the static text of the Ident. You will then need to provide that attribute's name.