DNN SAML IDP Single Sign-On Setup Guides
Choose your SAML service provider to configure Single Sign-On (SSO)
Not able to find your service provider? Contact us at dnnsupport@xecurify.com and we will help you setup SSO with your SP in no time.
Couldn't find your IdP?
Reach out to us at dnnsupport@xecurify.com and we will help you setup DNN as IDP with your service provider (SP) in no time.
Setup Guide
Steps to Configure DNN as SAML IDP Module
Step 1: Download and extract the package
- Download DNN SAML Identity Provider (IDP) module.
- Extract the package and upload the installation package dnn-saml-single-sign-on-sso-idp_xxx_Install by going in Settings > Extension > Install Extension.
Step 2: Adding module on DNN page.
- Open any of the page on your DNN site (Edit mode) and Click on Add Module.
- Search for moDNNSAMLIDP and click on the moDNNSAMLIDP. Drag and drop the module on the page where you want.
- You have finished with the Installation of the module on your DNN site.
Step 3: Add SAML application for your Service Provider
- To add an application for your Service Provider in the IDP module, you will need to provide SP Entity ID and ACS URL values. You can get this metadata from your service provider. Just copy these values from Service Provider metadata and paste it under the SP Entity ID and ACS URL fields in the Service Provider Settings section.You can refer to the image below.
- Once configured service provider metadata, Update the module settings
Step 4: Attribute Mapping
- In this steps you will map the DotNetNuke user attribute to be sent in the response to the Service Provider.
- NameID defines what SP is expecting in the subject element of SAML Assertion. Generally, NameID is Username of Email Address. You can select which user attribute you want to send in the NameID.
- NameID Format defines the format of subject element content, i.e. NameID. For example, Email Address NameID Format defines that the NameID is in the form of an email address, specifically “addr-spec”. An addr-spec has the form local-part@domain, has no phrase (such as a common name) before it, has no comment (text surrounded in parentheses) after it, and is not surrounded by “<” and “>”. If NameID Format is not externally specified by SP, leave it unspecified
- You can add other attributes to be sent in SAML Assertion to SP. The attributes include user’s profile attributes such as first name, last name, fullname, username, email, custom profile attributes etc.
Step 5: Role/Group Mapping
- You can add roles/groups for a DNN user to be sent in SAML Assertion to SP. To send roles/groups in SAML assertion just add Attribute Name in Name field under Group/Role Mapping section. e.g. you can Attribute Name as roles.
Step 6: Configure your Service Provider
- After adding application for your service provider, you can provide the IdP metadata that is IDP Entity ID, IDP Single Sign On URL and x.509 Certificate to your service provider. You can find IdP metadata under the IdP Metadata section
- Once the IdP metadata is configured on service provider side, you can check if everything has configured correctly by performing SSO or Test Configuration.
Need Help?
Not able to find your service provider? Mail us on dnnsupport@xecurify.com and we'll help you set up SSO with your SP and for quick guidance (via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.
Trending searches:
Hello there!
Need Help? We are right here!
