Search
Close this search box.
Search
Close this search box.
Schedule Meeting

Standard SSO Integration (SAML)

Updated Nov 30, 2023

Introduction:

This document outlines Webassessor Single-Sign-On (SSO) integration using Security Assertion Markup Language (SAML) instead of OAuth2. Both approaches are offered by Kryterion, Inc. to its clients.

Before implementing SAML into Webassessor it is important to understand that SAML, unlike OAuth2, has just two entities,

  • Identity Provider (IdP) – Always the Client.
  • Service Provider (SP) – Always Webassessor.


Purpose:

The following high-level overview of Kryterion’s standard Webassessor SSO integration using SAML summarizes the applicable implementation integration points and boundaries. 

References:

[SAML]: The SAML specification documentation is available at: http://saml.xml.org/saml-specifications
For your reference, here is the link to the integration document for an OAuth2 implementation.

Pre-requisites:

  • Since the SSO follows SAML specification, in order for a client to be able to effectively integrate with Webassessor for SSO, the client should either have an in-house IdP server or should be able to use a 3rd party IdP like Okta, Salesforce, etc. 
  • Client should be created in the Webassessor system as an entity and region with a brand since they are part of communication during SSO calls.

Integration Points and Flows

Implementation Steps

  1. Client provides the SAML IdP server details
  2. Client adds Webassessor information into their system
  3. Client uses the following links to initiate the SSO workflow

Step 1: Client provides SAML IdP server details

Before the integration can be set up, Kryterion’s Webassessor system needs certain values in order to communicate with the client IdP (Identity Provider) server. The client will provide SAML IdP server details (URL & login information) for Kryterion to register Webassessor as an application authorized to have access to the client’s User Profile information.

Metadata URIMetadata URL address of SAML IdP server that will provide authorization
IDP ID/URIIdentity URL address of SAML IdP server that will provide authorization

Step 2: Client adds Webassessor information into their system

  1. SSO URI:
    1. Sandbox: https://sb01.webassessor.com/SsoService/saml/SSO
    2. Production: https://www.webassessor.com/SsoService/saml/SSO
  2. Metadata URL:
    1. Sandbox: https://sb01.webassessor.com/SsoService/saml/metadata
    2. Production: https://www.webassessor.com/SsoService/saml/metadata

Step 3: Client uses the following links to initiate the SSO workflow

    1. Sandbox: https://sb01.webassessor.com/SsoService/doSaml? provider={PROVIDER}&brand={BRAND}
    2. Production: https://www.webassessor.com/SsoService/doSaml? provider={PROVIDER}&brand={BRAND}
    3. {PROVIDER} and {BRAND} values are unique to each Client

Meet With An Expert

Our platform, solutions, and services are perfect for building modern credentialing programs. Let us help you get off to a flying start.

Schedule Meeting

7776 South Pointe Parkway West
Suite 200
Phoenix, Arizona 85044

429-433 Pinner Road
North Harrow
Middlesex HA1 4HN
United Kingdom

Test Candidates​
Test Sponsors
Quick Links
Linkedin Facebook-f X-twitter
soc2type2logo238x110
© Copyright 2024 by Kryterion Inc. and Kryterion Ltd. All Rights Reserved. Your use of this website and any dispute arising out of such use of the website is subject to the laws of the USA and the United Kingdom.

Take Control of Your Certification Program!

Want more information on how to start or expand a credentialing program? Fill out the form below and we’ll get back to you right away!

Please select the appropriate option below:

Exciting News

Dual Camera OLP…