Xpert Suite SAML application setup
Introduction
This article demonstrates how to set up Xpert Suite for single sign-on. The configuration takes place in HelloID and requires you to send information to Xpert Suite.
Requirements
HelloID environment
Xpert Suite environment
Create or import a certificate
If there is no certificate yet, you must create or import one. For this tutorial, we will create a self-signed certificate. Name it XpertSuiteSelfSigned
.
Application setup
Add the Xpert Suite application
Add a new application.
Find the template for Xpert Suite (SAML).
Select its Add button.
General tab
Change the following settings:
Default Login URL
Replace with your Xpert Suite environment SSO URL. For example:
https://enyoi.xpertsuite.nl/account/singlesignon
.
Select the Next button.
Single Sign-On tab
Change the following settings:
SP-initiated URL
Enter your Xpert Suite environment SSO URL. For example:
https://enyoi.xpertsuite.nl/account/singlesignon
.X509 CertificateSelect the certificate that you previously imported or created.
Select the Next button.
Self Service tab
Optionally, generate a Self Service product, which makes the application requestable. Select a group which will have access to the product.
Select the Next button.
Finish tab
On the Finish tab, click Save to add the application to HelloID.
Additional configuration
Mapping
By default, the user's HelloID {{user.contactEmail}}
attribute is sent as the SAML NameID. If you want to use another attribute, see Mapping - Overview.
Supplier-side configuration
The HelloID side of the configuration is now finished. To connect, Xpert Suite needs to add the connection on their side. Contact Xpert Suite to request this. Send them the following information:
Metadata URL
Metadata URL
Go to the Applications overview.
Select the Edit link for the newly-added Xpert Suite application.
Right-click the Download metadata button
Select Copy link address. It will resemble:
https://enyoi.helloid.com/metadata/download?ApplicationGUID=e6e741f5-a469-4849-93f7-fe2e259a339f
.
Additional HelloID Application Setup
Add the Generic Shortcut Application to HelloID
A default configuration for the Xpert Suite application results in an infinite redirect loop. The solution is to use an application shortcut. See Avoid an infinite redirect loop in an SP-initiated SAML app.
Go to the Applications overview.
Select the Edit link for the newly-added Xpert Suite application.
Check the option Hide application.
Click Save.
General tab
Change the following settings for the application shortcut:
Default Login URL
Replace with your Xpert Suite environment URL. For example:
https://enyoi.xpertsuite.nl
.
Finish tab
On the Finish tab, click Save to add the application shortcut to HelloID.
Finish up
After Xpert Suite adds the connection, the application is ready for use. Go to the HelloID User Dashboard and launch the application. You should be authenticated into the Xpert Suite application without being prompted for credentials.
You are now free to test the application and assign it to users within your organization. Be sure to assign the application shortcut you created, rather than the original application. See Applications - Overview and its related articles for more information.