Concept3D Room Reservations supports Single Sign-On (SSO) via SAML 2.0, allowing your users to access the platform using your institution's existing authentication system. This guide will walk you through the configuration steps needed to set up SSO with your Identity Provider.
How Room Reservations SSO Works:
- Users authenticate through your institution's Identity Provider (IdP)
- On first successful login, user accounts are automatically created in Room Reservations
- All users initially receive base User access permissions
- Your Platform Administrators manage roles and permissions within Room Reservations
Before You Begin
Required Information from Concept3D
Your Client Success representative will provide you with:
Information |
Description |
|---|---|
EntityID |
Concept3D Service Provider identifier (URL format) |
Metadata File |
Can be downloaded using the EntityID URL |
Redirect URI |
Included in the Metadata file |
Public Key (X509Certificate) |
Included in the Metadata file |
The metadata includes all technical details needed for configuration:
- EntityID
- Assertion Consumer Service (ACS) URL / Redirect URI
- X.509 Certificate for signature validation
Required Information from Your Organization
Once you have completed your IdP configuration, please provide the following to your Partner Success representative:
- Your IdP EntityID
- Your IdP Metadata URL or XML file (if different from EntityID)
SAML Configuration Requirements
General Settings
Configure your SAML application with the following parameters:
| Setting | Value |
|---|---|
| SAML Initiator | Your IdP (IdP-Initiated or SP-Initiated) |
| SAML NameID Format | |
| SAML Issuer Type | Specific |
| SAML Signature Element | Both (Assertion + Response) |
| Encrypt Assertion | Yes |
| SAML Encryption Method | AES-256 |
Service Provider Details
Use the information provided by Concept3D:
- Service Provider EntityID: (provided by Concept3D)
- Assertion Consumer Service (ACS) URL: (found in metadata)
- Public Certificate: (found in metadata)
Required SAML User Attributes
Your IdP must send the following standard SAML attributes with each authentication:
Attribute |
Required |
Description |
|---|---|---|
Yes |
User's email address (used as NameID) |
|
First Name |
Yes |
User's first name |
Last Name |
Yes |
User's last name |
Note: These are standard SAML attributes and typically do not require custom configuration in most Identity Providers.
Setup Process
Step 1: Configure Your IdP
- Create a new SAML application in your Identity Provider
- Use the Concept3D Service Provider Metadata or manual configuration
- Configure the required SAML attributes (email, firstName, lastName)
- Assign users or groups who should have access to Room Reservations
- Save your configuration
Step 2: Share Your IdP Information
Send the following to your Concept3D Client Success representative:
- Your IdP EntityID
- Your IdP Metadata URL or XML file (if different from EntityID)
Step 3: Concept3D Completes Configuration
Concept3D will:
- Configure the connection to your IdP
- Associate your IdP with your Room Reservations platform
- Provide your unique SSO login URL
Step 4: Test & Verify
- Receive your Room Reservations SSO URL from Concept3D
- Test login with a user from your IdP
- Confirm successful authentication
- Report any issues to Concept3D support
Post-SSO Setup
After providing the above information, setup will be completed by Concept3D.
When setup is complete, you can log in via your Room Reservation platform URL. Users who are already authenticated with your IdP will be logged in automatically. Users who are not authenticated will be prompted to log in via your IdP.
Support
If you encounter issues during setup or have questions:
- Contact your Concept3D Client Success representative
- Email support@concept3d.com