Introduction
Why?
When you use single sign-on software (abbreviated to SSO), you do not have to remember different passwords for different applications. All you have to do is log in to your workstation and you will have automatic access to Coachview. You no longer have to log in every time, and the login screen is no longer displayed.

There are 2 ways to integrate SSO.
Method 1 (preferred):
Via 'IdpInitiated Single Sign-on' from your own 'Identity Provider'. From there, a SAML request signed by us is sent to the IdP via HTTP POST. If you are logged in and authorized on your side (the IdP), the IdP will send back a signed SAML response containing a (possibly encrypted) assertion with at least the "Name ID" claim filled. Coachview checks the signature and whether the "Name ID" claim contains the unique (external) ID that is known for the person. Then you are automatically logged in to Coachview.

Method 2:

You log in via Single Sign-on via the login page of Coachview. This is also called service provider-initiated Single Sign-on.

The first time you log in as a user, the link (button 2) on the login page is not yet known and is therefore not shown. Please contact our support department for the name of this link.


  1. Log in by entering your username and password from Coachview.
  2. Log in via Single sign-on. You use your username and password from your workstation, not from Coachview. A new login screen will be displayed (example).

What does it take?
  1. An IdP (identity provider) that supports SAML 2.0 (via HTTP POST) and on which a trust can be configured (e.g. Microsoft Active Directory Federation Services (ADFS)).
  2. Unique identifier: This must be filled with the unique identifier, which we also use in Coachview for unique identification of the persons (External Id to person). Note: If there is a CRM (companies and persons) import, this must be the same identifier as used for Single sign-on.
  3. ICT expertise and a network/system administrator on your side who can configure your IdP.

Important terms

  1. Identity Provider (IdP): a trusted party that creates a digital identity and provides it to an individual. This must be set up by you.
  2. Service Provider (SP): This is Coachview, the system you want to access.
  3. SAML 2.0: Security Assertion Markup Language, the standard used to securely send messages between the IdP and the SP.
What do we need from you?
Two possibilities:
  1. The metadata URL of your IdP. For example, for Microsoft ADFS: https://(fill in your section here)/federationmetadata/2007-06/federationmetadata.xml.
  2. Or the settings entityID, IdP service URL and the (base64) certificate (which is used to sign the response).
Note: If your certificate expires and is replaced, the new certificate must be delivered to the Coachview helpdesk in time. The certificate is not replaced automatically.
One claim type "Name ID". This must be filled with the unique identifier (ExternalId to person), which is used in Coachview for the unique identification of the persons.
The secure hash algorithm to be used is SHA-1 for verifying the signature.
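
A structural pre-check for a response captured during the test login, added here as an example and not Coachview's own code: it decodes the base64 SAMLResponse and reports when the issuer, the signature and digest algorithms (SHA-1, as stated above) or the Name ID do not match. The function names, the sample issuer URL and the sample response are constructed assumptions, and the signature itself is not verified.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion", "ds": "http://www.w3.org/2000/09/xmldsig#"}
# XML-DSig algorithm URIs matching the SHA-1 requirement stated above.
EXPECTED_ALGS = {"SignatureMethod": "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
                 "DigestMethod": "http://www.w3.org/2000/09/xmldsig#sha1"}


def inspect_saml_response(b64_response, expected_issuer):
    """List mismatches in a base64 SAMLResponse. Does NOT verify the signature."""
    # For XML from an untrusted source, use a hardened parser such as defusedxml.
    root = ET.fromstring(base64.b64decode(b64_response))
    problems = []
    issuer = root.findtext(".//saml:Issuer", namespaces=NS)
    if issuer != expected_issuer:
        problems.append(f"Issuer is {issuer!r}, expected {expected_issuer!r}")
    for tag, expected in EXPECTED_ALGS.items():
        node = root.find(f".//ds:{tag}", NS)
        if node is None:
            problems.append(f"no ds:{tag} found: response or assertion is unsigned")
        elif node.get("Algorithm") != expected:
            problems.append(f"{tag} is {node.get('Algorithm')}, expected {expected}")
    if root.find(".//saml:EncryptedAssertion", NS) is not None:
        problems.append("assertion is encrypted: Name ID cannot be inspected here")
    else:
        name_id = root.findtext(".//saml:Assertion/saml:Subject/saml:NameID", namespaces=NS)
        if not (name_id or "").strip():
            problems.append("Name ID is missing or empty")
    return problems


def sample_response(sig_alg, name_id):
    """Constructed sample (not a real IdP response; signature values omitted)."""
    xml = f"""<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
        xmlns:saml="{NS['saml']}" xmlns:ds="{NS['ds']}">
      <saml:Issuer>https://idp.example.org/adfs/services/trust</saml:Issuer>
      <saml:Assertion><ds:Signature><ds:SignedInfo>
        <ds:SignatureMethod Algorithm="{sig_alg}"/>
        <ds:Reference><ds:DigestMethod Algorithm="{EXPECTED_ALGS['DigestMethod']}"/></ds:Reference>
      </ds:SignedInfo></ds:Signature>
      <saml:Subject><saml:NameID>{name_id}</saml:NameID></saml:Subject></saml:Assertion>
    </samlp:Response>"""
    return base64.b64encode(xml.encode()).decode()


if __name__ == "__main__":
    bad = sample_response("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", "")
    print("\n".join(inspect_saml_response(bad, "https://idp.example.org/adfs/services/trust")))
```
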

Step-by-step plan (each step is followed by who carries it out)

  1. Provide the required data; see "What do we need from you?". Who: You.
  2. Activate the SAML2 authentication provider and adjust the settings in Coachview. Who: Coachview.
  3. Set up the IdP. Who: You.
     Metadata from Coachview (service provider) is available at:
       1. Live environment: https://secure.coachview.net/innobase/sso/saml2/
       2. Training environment: https://training.coachview.net/innobase/sso/saml2/
     This can be used to (automatically) configure your IdP, for example Microsoft Active Directory Federation Services (ADFS).
  4. Set the claim type. This must be filled with the unique identifier (ExternalId to person), which is used in Coachview for the unique identification of the persons. Who: You.
  5. The secure hash algorithm to be used is SHA-1 for verifying the signature. Who: You.
  6. Set up Coachview. Who: Coachview.
     This is possible:
       1. manually (claim type 'Name ID' must appear as External ID in Coachview), or
       2. via import 'Companies and Persons' (claim type 'Name ID' must appear as External ID in Coachview), or
       3. via metadata (URL) (see above under 'What do we need from you?').
  7. Create 1 test person to check SSO. Who: You and Coachview.
  8. If import 'Companies and Persons' is used: check for ExternalID. Who: Coachview.
     Note: if there is an error in this import, it is difficult to correct.
  9. Import 'Companies and Persons'.
  10. Final check. Who: You and Coachview.