This topic refers to functionality that is only available to accounts on the Business-level or above plans. If you do not see the functionality described here, either your account or realm has not been configured to show it, or your account is not on one of those plans. |
Before you begin
Important: If your company uses email aliases within your IdP, please contact Quickbase Technical Support to coordinate setting up SAML for your realm.
Before you can configure SAML in Quickbase, you must:
-
Configure an IdP that can communicate with your corporate access system using SAML 2.0. The IdP securely maintains user identity information and authenticates users through the corporate access system.
-
Ensure that your IdP sends a specific set of attributes for authentication to work properly.
-
Gather the following IdP details required to configure SAML in Quickbase:
-
Entity ID – This identifies the asset or realm you are trying to access. You should use your realm URL.
-
Sign-in URL – This URL is used by Quickbase to request authentication from the IdP (Destination in the AuthnRequest). It redirects the user to the client company's login page.
-
Sign-out URL (optional) – The URL that redirects the user to a web page after logging out of Quickbase.
-
Provider Name – How Quickbase is identified in your IdP logs, for example Quickbase.
-
Support page URL – A URL that redirects authentication issues to an internal IT tracking website.
-
Text for support link – A name in your IT department that provides your employees with a point of contact to report SSO errors.
-
Public certificate – The Identity Provider’s X.509 authentication certificate used to sign the SAML assertion XML before sending it to Quickbase.
Configuring via the Quickbase Admin Console
To configure SAML authentication in Quickbase:
-
From the Admin Console, select SAML Authentication.
-
From the SAML Authentication page:
-
If SAML authentication has not been configured, select Configure SAML.
-
If SAML authentication has been configured, the SAML authentication details display. Select Edit SAML Configuration to modify the existing SAML configuration settings.
-
(Optional) If you are using a third-party identity management solution to configure and automate user provisioning for your realm with SAML, select SCIM.
-
-
From the SAML Configuration page:
-
If your IdP metadata details are formatted correctly and are available to upload from a file, click Upload IdP metadata. The fields below will automatically populate with their respective data.
-
If you don't have metadata file, you must manually enter the data (which you previously gathered) into the required fields.
-
Select Upload certificate to upload the Identity Provider’s X.509 authentication certificate (.cer) used to sign the SAML assertion XML before sending it to Quickbase.
-
-
(Optional) To set advanced options such as the method used to encrypt the SAML assertion and to allow users to authenticate through SAML, select Advanced SAML Options. The default encryption method is AES256-bit.
-
Select Next to save your SAML configuration settings.
The SAML Authentication page displays your SAML configuration settings and indicates your public certificate was uploaded. User authentication to your Quickbase realm using SAML has been successfully configured.