iLobby SSO Setup Requirements
iLobby can be integrated with any single sign-on (SSO) provider, as long as it supports:
1. idP (Identity Provider) as the initiation method
2. SAML 2.0 technology
Note: Instructions on how to get a Metadata XML file are outlined below.
You will receive an Identifier (Entity ID) and a Reply URL which will look as follows:
Identifier (Entity ID) is the same for all customers: https://login.goilobby.com/saml2
Reply URL (Assertion Consumer Service URL): https://login.goilobby.com/saml2/login/xxxxxxx
Types of SSO:
-
OKTA
-
Microsoft Azure
1) Navigate to Azure Active Directory -> Enterprise application
2) New Application
3) Non-Gallery Application
4) Name: iLobby SAML
5) Setup Single Sign-On
6) Select SAML
7) Scroll down to SAML Signing Certificate and copy the Federation App Metadata URL, then provide it to iLobby Support. We will then provide with appropriate Reply URL.
8) Click on Edit for Basic SAML Configuration
9) Specify Identifier (Entity ID): https://login.goilobby.com/saml2
10) Reply URL (Assertion Consumer Service URL): will be provided once metadata file is provided
11) User Attributes & Claims
-
Click on Edit under User Attributes and Claims
-
Update the value for Unique User Identifier
c. Select user.mail as a Source Attribute
Simplify User Management with Optional User Provisioning via SSO
Customers have the option to streamline user provisioning through iLobby's Single Sign-On (SSO) functionality. This feature automates the creation of user profiles linked to the iLobby Address Book.
How it Works: When users first sign-in to iLobby via SSO, the system identifies the email address that that is used to sign-in, and cross-references it with entries in the iLobby Address Book.
If a match is detected, the system automatically generates a user profile, granting the "Host" privilege user role. This role offers basic privileges, enabling users to invite guests to themselves and access their historical data.