SAML Authentication
In addition to the internal user authentication mechanism, eLabJournal offers various Single Sign-On (SSO) authentication options (e.g. AD/LDAP/SAML).
For eLabJournal Private Cloud installations, the SAML authentication is required. eLabJournal has been tested to support SAML authentication with:
- Microsoft ActivActive Directory Federation Services (AD FS)
- SimpleSAMLphp Service Provider
- OKTA server
- Onelogin
To set up federated login via SAML within eLabJournal, navigate to the System Admin panel and open the System Setting tab. Open SAML Single Sign-On.
Here you can retrieve the urls for the Service Provider EntityID, the SAML metadata URL, the SAML Assertion URL and the Logout URL. Use those in your SAML provider and set-up the mapping of the attributes eLabJournal requires. In case you experience any problems or if you have any questions about setting up SAML authentication please contact us.
Certificate Renewal
Important: when your organisation renews its SAML certificates, the metadata should be reloaded in the eLabJournal installation to reinitialize authentication with the organisation, by clicking Load Metadata. To avoid any issues, please contact us prior to renewing certificates for more information.