Skip to main content


The Patient Safety Company application setup

This article demonstrates how to set up HelloID and Patient Safety for single sign-on using the SAML protocol. The configuration takes place in HelloID and requires you to send information to The Patient Safety Company.

  • HelloID environment

  • Patient Safety environment

    • SSO has to be requested from The Patient Safety Company, which may incur additional costs.

Create or import a certificate

If there is no certificate yet, a certificate must be imported or created. This can be done in the HelloID admin dashboard under Settings > Certificates. For this tutorial, we will use a self-signed certificate. Create one before proceeding. See Certificates.

Application setup
Add the Patient Safety application

Go to Applications > Applications and select the Open application catalog button. Find the template for The Patient Safety Company and select its Add button. Learn more about managing applications here.

General tab

On the General tab, enter the Patient Safety environment URL in the format https://{customer} into the Default Login URL field. Replace the subdomain with your account's actual value.


Select the Next button.

Single Sign-on tab

On the Single Sign-On tab, enter the following information:

  • Issuer

    Leave empty, unless you've received a specific value from The Patient Safety Company.

  • Endpoint/ACS URL

    Enter https://{customer}{customer} Replace the two subdomains with your account's actual value.

  • Validate and use ACS request URLLeave on.

  • ACS validation listEnter https://{customer}{customer} Replace the two subdomains with your account's actual value.

  • SP-initiated URLLeave empty.

  • X509 CertificateSelect the self-signed certificate you created earlier.

  • Overwrite AudienceLeave off.

  • Extra audience(s)Enter https://{customer}{customer} Replace the two subdomains with your account's actual value.


Select the Next button.

Self service tab

On the Self Service tab, choose whether to automatically create a Self Service product, which makes the application requestable. Select a group which will have access to the product. This is optional.

Select the Next button.

Finish tab

On the Finish tab, select the Save button to add the application to HelloID.

Configure the mapping set

By default, the unique identifier is set to the user's username. This assumes that the user's userPrincipalName is used in HelloID and it matches the user's email address in Patient Safety.

If you wish to use another attribute, see Mapping - Overview.

Supplier-side configuration

The HelloID side of the configuration is now finished. You must now provide the dynamic metadata URL to The Patient Safety Company, so they can complete their side of the configuration. This may incur additional costs.

Go to Applications > Applications and select the Edit link for the newly-added Patient Safety app. Right-click the Download metadata button and select Copy link address. It will resemble something like


Provide this URL to The Patient Safety Company.

Finish up

The Patient Safety application has been added to HelloID, and a trust has been configured between Patient Safety and HelloID. You are now free to assign the application to users within your organization and begin testing it and using it. See Applications - Overview and its related articles for more information.