SAML Identity Provider Integration

This documentation covers the integration of SAML identity providers with Willba. SAML (Security Assertion Markup Language) allows for secure single sign-on (SSO) between your organization's identity system and Willba.

Benefits

• Single Sign-On (SSO): Users can access Willba using their existing organizational credentials
• Centralized User Management: Manage user access to Willba directly from your identity provider
• Enhanced Security: Leverage your organization's security policies and multi-factor authentication
• Automated User Provisioning: Users are automatically created in Willba when they first sign in
• Group-Based Access Control: Map organizational groups to Willba roles and permissions

Supported Providers

Willba supports integration with various SAML identity providers. Select your provider for specific configuration instructions:

• Google Workspace
• Microsoft Entra ID

If you're using a different SAML provider, please contact your Willba representative for assistance.

General Process

While the specific steps vary by provider, the general process for setting up SAML integration includes:

1. Configure the Service Provider in your Identity System:

   • Create a new SAML application in your identity provider
   • Configure the Entity ID and Assertion Consumer Service URL
   • Set up attribute mappings for user information (email, name, groups)
   • Download the SAML metadata file

2. Share Configuration with Willba:

   • Provide the SAML metadata file to your Willba contact
   • Specify which user groups should have access to Willba

3. Willba Configuration:

   • Your Willba contact will configure the identity provider in Keycloak
   • They will set up the appropriate attribute and group mappings

4. Testing and Deployment:

   • Test the integration with a small group of users
   • Roll out to all users once confirmed working

For administrators who need to configure Keycloak for SAML integration, please refer to the Admin Documentation.