How to set up SAML2 SSO for your District

Summary

• Minimum claim rules: Email Address, Given Name, Display Name, Member Of, First Name/cn, Sn/Surname
• Additional attributes can be configured for campus/school/institution identification
• Example additional attribute: ExtensionAttribute1 for location
• Submit onboarding using the SSO Onboarding form
• Contact Product Support for guidance before starting setup

Required LDAP and SAML2 attributes for SSO

To successfully federate your IdP with ClickView using SAML2, you must expose the following LDAP and SAML2 attributes. These are the minimum required claim rules for basic user identification:

LDAP Attribute	SAML2 Attribute
Email Address	<Attribute name=”urn:oid:0.9.2342.19200300.100.1.3″ id=”email”/>
Given Name	<Attribute name=”urn:oid:2.5.4.42″ id=”givenName”/>
Display Name	<Attribute name=”urn:oid:2.16.840.1.113730.3.1.241″ id=”displayName”/>
Member Of	<Attribute name=”urn:oid:1.2.840.113556.1.2.102″ id=”memberOf”/>
First Name or cn (Common Name)	<Attribute name=”urn:oid:2.5.4.3″ id=”cn”/>
Sn or Surname	<Attribute name=”urn:oid:2.5.4.4″ id=”surName”/>

Configuring additional attributes for campus or school identification

If you need to include extra information for your campus, school, or institution, you can expose and configure additional attributes. For example, the following can be used for user location:

LDAP Attribute	SAML2 Attribute
ExtensionAttribute1	<Attribute name=”ExtensionAttribute1″ id=”ExtensionAttribute1″/>

The value for ‘ExtensionAttribute1’ may be something like: ExtensionAttribute1: North Campus.

Getting support for SSO setup

If you’re unsure about attribute configuration or have questions before beginning SSO setup, contact Product Support for guidance.

Submitting your information for SSO onboarding

1. To start a new onboarding form, please click the SSO Onboarding form.
2. If you have already started completing the form, please continue using the same form.

Frequently asked questions