SAML login

Use the login for SAML on the Roadmunk landing page.

Type in the email account that is connected to a SAML account.

SAML providers

Roadmunk supports several SAML providers including (but not limited to)

  • PingOne
  • Okta
  • SSO Circle
  • Bitium
  • OneLogin
  • ADFS
  • Azure

SAML setup

To set up SAML login in Roadmunk, an IT administrator needs to contact support@roadmunk.com.

The sections below provide details on provider-specific SAML configurations.

Okta

To get Roadmunk set up on Okta, click the Create New App button in the Add Application section of the Okta Admin dashboard and enter the following details:

Under Show advanced Settings set:

  • Response: Signed
  • Assertion Signature: Signed
  • Signature Algorithm: RSA-SHA256
  • Digest Algorithm: SHA256
  • Assertion Encryption: Unencrypted
  • Enable Single Logout: Unchecked
  • Authentication context class: Unspecified
  • Honor Force Authentication: Yes
  • SAML Issuer ID :http://www.okta.com/${org.externalKey}

For step three, leave the default options.

Once this is done, Okta will display a page with a View Setup Instructions button. Please send Roadmunk the information that is displayed on that page as we will need to integrate those values on our side. Details should be sent to support@roadmunk.com

OneLogin

The team at OneLogin has created their own help centre article on setting up with Roadmunk. The steps are reproduced here.

  1. Log into OneLogin as an admin and go to Apps -> Add Apps.
  2. Search for and select the Roadmunk SAML connector. The initial Configuration tab appears.
  3. Click Save to add the app to your Company Apps and display additional configuration tabs. The Info tab appears.
  4. Go to More Actions > Download SAML Metadata and download the metadata.    Send the metadata to Roadmunk Support at support@roadmunk.com.  Roadmunk will configure the Roadmunk account with OneLogin's SAML settings.
  5. Once receiving confirmation, login into Roadmunk go to Account Settings -> Security -> Add a Login Method. Choose the new login method configured.
  6. Inside OneLogin, go to the Parameters tab and ensure the Roadmunk attribute is mapped to the email attribute in OneLogin. Ensure that Credentials are Configured by admin. 
  7. Click Save.
  8. On the OneLogin Access tab, assign the OneLogin roles that should have access to Roadmunk and provide any app security policy that to apply to Roadmunk. Go to Users -> All Users to add the app to individual user accounts.
  9. Click Save.
  10. Test the SAML connection. Ensure that user accounts exist in both OneLogin and Roadmunk that use the same value as the username. Click the Roadmunk icon on the OneLogin dashboard. 

Roadmunk only supports SP-initiated SAML, so click the SAML Login button in Roadmunk.

Did this answer your question?