Single Sign-On

Owned by Tony Erskine
Last updated: Jul 06, 2022 by Jonathan Hoffman

For many implementations, single sign-on is not necessary because CloudCard's secure login links provide excellent security with minimal user friction, which increases user adoption.  However, there are numerous use cases where SSO improves user experience while offering a scalable provisioning strategy.

As an implementation add-on, CloudCard can integrate our SSO Connector for any SAML2 identity provider (including CAS, Shibboleth, and ADFS).

Process:

  1. Install the metadata for our test SSO connector on your IdP (preferably your test IDP if available).
  2. Create a test login account for CloudCard Support
  3. Securely communicate the following to CloudCard Support
    1. authentication credentials for the test login account
    2. the SAML attribute names for:
      1. email address
      2. ID number (generally an immutable identifier)
      3. any custom fields if you want to provision or update users via SSO
  4. CloudCard will configure the test SSO connector by installing your metadata on our system and then test the configuration. 
  5. If the test is successful, we will switch over to production.
  6. Install our production metadata in your production IdP.
  7. CloudCard will deploy your production SSO connector.
  8. CloudCard will conduct final testing and configuration.