Before you begin configuring a SAML SSO implementation, make sure you read about the
requirements and best practices.
A successful SAML implementation requires the following prerequisites.
- A supported identity provider that complies with the SAML 2.0 standard. For a list of
supported and tested providers, see Supported SAML Identity Providers. You should make sure you have expert
knowledge of how to configure your identity provider before proceeding.
- Familiarity with the SAML 2.0 specification. Before you begin the process of configuring
Jive as a SAML 2.0 service provider to your IdP, you need to understand the details of how SAML
works or else enlist the assistance of a SAML professional. The links that follow can supply
some of this information.
Required Information
Before you begin the configuration process, it is
important to have the following information available:
- IdP metadata file location (URL or file content). If a URL is specified, updates are usually
much easier.
- The friendly attribute names sent with each SAML assertion.
-
If you plan to add users to permission groups based on authorization information provided by
the IDP, the name of the attribute that contains this information. This attribute can be a
list or comma-separated value containing all the group names in which the subject should be
placed. These permission groups can then be granted specific permissions within Jive.
Planning for Jive User Provisioning and Profile Synchronization
When you
implement SAML, you need to decide on a strategy for which members of your organization will be
included in the Jive Community, and with what rights. For example, you'll need to decide whether
all your organization's users should be able to create accounts in the Jive community, and
whether you will assign them to authorization groups. If you're primarily responsible for the
technical implementation of this feature, make sure you discuss these decisions with your Community
Administrator.