The customer is responsible for providing Conga Contracts with the following items:
Identity Provider Endpoint URL
This is the URL that will consume the SAML2 AuthnRequest. It must be able to understand the SAML 2.0 HTTP Redirect Binding.
Public Key of the Assertion Signing Certificate
Conga Contracts need the Public Key portion of the company’s certificate in order to validate the signature on the assertions passed from the customer. This must be standard x509 certificate format.
Authentication Only or Authentication and Authorization
Conga Contracts will need to know whether the organization would like to manage the users and roles within the application (authentication only) or if customer would like the SSO solution to also create and manage the role membership of users based on data provided within the attributes of the assertion. If company chooses to handle authorization through the SSO solution Conga Contracts will also need the users first name, last name, email address and group membership passed as attributes in the assertion.
Sample Assertion for Testing
The sample assertion is only for validating the signature and any mappings necessary based on the selection of authentication or authentication and authorization.