SAML Authentication
In addition to the internal user authentication mechanism, eLabInventory offers various Single Sign-On (SSO) authentication options (e.g. AD/LDAP/SAML).
For eLabInventory Private Cloud installations, the SAML authentication is required. eLabInventory has been tested to support SAML authentication with:
- Microsoft ActivActive Directory Federation Services (AD FS)
- SimpleSAMLphp Service Provider
- OKTA server
- Onelogin
To set up federated login via SAML within eLabInventory, navigate to the System Admin panel and open the System Setting tab. Open SAML Single Sign-On.
Here you can retrieve the urls for the Service Provider EntityID, the SAML metadata URL, the SAML Assertion URL and the Logout URL. Use those in your SAML provider and set-up the mapping of the attributes eLabInventory requires. In case you experience any problems or if you have any questions about setting up SAML authentication please contact us.
Certificate Renewal
Important: when your organisation renews its SAML certificates, the metadata should be reloaded in the eLabInventory installation to reinitialize authentication with the organisation, by clicking Load Metadata. To avoid any issues, please contact us prior to renewing certificates for more information.