Skip to main content

HelloID

BergOp SAML application setup
Introduction

This manual shows you how to set up SSO to BergOp. The configuration takes place in HelloID and requires you to send information to Praktikon.

Requirements:

  • HelloID environment

  • BergOp environment

Create or Import a Certificate

If there is no certificate yet, a certificate must be imported or created. This can be done in the HelloID Administrator Portal under Settings > Certificates. For this tutorial, we will use a self-signed certificate. Learn more about certificates here.

Application Setup
Add the BergOp Application

Create a new application in HelloID by navigating to Applications > Applications. Open the Application Catalog and search for "Bergop". Find the SAML template, and click Add. Learn more about managing applications here.

mceclip0.png
General tab

On the General tab, you don't need to change anything. Optionally, you may change the name or add a description. Click Next.

mceclip1.png
Single Sign-on tab

On the Single Sign-On tab, perform the following steps:

  1. Change the Issuer to your portal name.

  2. When connecting to the production portal of BergOp, you don't have to change the Endpoint/ACS URL. When connecting to a test or acceptation portal, use the URL provided by Praktikon.

  3. In the X509 Certificate dropdown, select the certificate that you created or imported previously.

  4. Click Next.

mceclip2.png
Self service tab

On the Self Service tab, choose whether to automatically create a Self Service product, which makes the application requestable. This is optional. Click Next.

Finish Tab

On the Finish tab, click Save to add the application to HelloID.

mceclip3.png
Application metadata

After saving the BergOp application, click its Edit link on the applications overview. This will bring you to its properties page.

You can simply right-click Download metadata at the right top of the screen and copy the URL for later communication with Praktikon.

Mapping set

After saving the BergOp application, click its Edit link on the applications overview. This will bring you to its properties page. You can now edit the Mapping Set on the configuration tab.

Press the Change mappings button of the SAML user.

mceclip4.png

You must edit the tenantId in the mapping. This will often be the name of your HelloID tenant. This value will be provided to Praktikon.

Check to see if all other values are mapped correctly by default. Learn more about application mapping sets here.

mceclip6.png
BergOp Configuration
Request SAML

In order to make the connection, Praktikon needs to add the connection on their side. This can be requested at Praktikon.

To configure the SSO on the BergOp side, they will need the following information:

  1. Metadata URLPlease provide the dynamic Metadata URL from the previous step to Praktikon

  2. Tenant IDThe name of your HelloID portal used in the mapping.

  3. Login URL

    The login URL also found in the metadata in the format of "https://ihub.helloid.com/relayservice/redirect/396f41ed-6d3a-4ef3-bc4c-a64c5b1847e9"

  4. Logout URLThe sign out URL of your HelloID environment in the format "https://{customer}.helloid.com/authentication/signoff"