Single Sign-On (SSO) allows you to sign in to Trackado using your SSO provider instead of using a separate username and password. Trackado supports SAML.

SSO is configured in the settings menu under "SSO Configuration".

1. Maintain the Sign-In URL from your SSO provider an the certificate.

2. Set up the authentication callback to point to Trackado

Entity id: app.trackado.com
SAML callback url: https://app.trackado.com/saml/callback

3. Verify the sent SAML response to Trackado

The expected SAML Response should contains the following xml data:

CERTIFICATE
//ds:X509Certificate

SIGNATURE
//ds:Signature

EMAIL
/samlp:Response/saml:Assertion[1]/saml:AttributeStatement/saml:Attribute[@Name='User.email']/saml:AttributeValue

FIRSTNAME
/samlp:Response/saml:Assertion[1]/saml:AttributeStatement/saml:Attribute[@Name='User.FirstName']/saml:AttributeValue

LASTNAME
/samlp:Response/saml:Assertion[1]/saml:AttributeStatement/saml:Attribute[@Name='User.LastName']/saml:AttributeValue

COMPANY Name
"/samlp:Response/saml:Assertion[1]/saml:AttributeStatement/saml:Attribute[@Name='User.CompanyName']/saml:AttributeValue

Example Configuration from Azure AD:

You can also specify if you want to enforce SSO. If you tick the corresponding box, the users will only be allowed to use SSO to sign-in and a sign-in using the username and password will no longer be possible.

By default Trackado expects service provider initiated SSO (SP SSO) but identity provider SSO (IDP SSO) is supported as well. Get in touch with us and we will support you with the configuration of both scenarios.

Did this answer your question?