Workloud Setup for Single Sign On with SAML 2.0

Workloud Setup for Single Sign On with SAML 2.0

SSO Overview

This article provides client an overview of how to configure Single Sign On with SAML 2.0.

SSO allows customers to authenticate against their own systems when logging into Workloud.  Our implementation uses the SAML 2.0 protocol.

  • Identity Provider (IDP)/Asserting Party

o   This is the customer.  A common implementation is Microsoft Active Directory Federated Services (ADFS)

  • Service Provider (SP)/Relying Party

o   This is Workloud

Identity Provider Configuration

The customer will need our Service Provider Metadata to add Workloud as a relying party in their IDP.  The metadata can be retrieved by a URL from Workloud:

For Web application:<customer>/samlsso/metadata.ashx?dmn=<domainName>

For mobile application:<customer>/interop/Current/samlsso/metadata.ashx?dmn=<domainName>

Recommended Best Practices

Workloud SSO requires the unique identifier field provided by ADFS to be contained within the Attribute Statement block of the response.  Most clients find using the email address to be the best unique identifier to achieve this result.

Workloud (Service Provider) Configuration


Setting up Metadata and UID Pattern on a System level



 Setting up User Record





Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request


Powered by Zendesk