Progress will discontinue Telerik Platform on May 10th, 2018. Learn more

Integrating Active SAML Federation

Integrating Active SAML Federation

Active federation involves contacting the SAML IdP web services endpoints directly. You need to obtain the user credentials from your app user before you can use active federation. The type of credentials vary from SAML IdP to SAML IdP.

Prerequisites

You need to make certain settings before you can successfully log in your app users through a SAML IdP.

Obtaining a SAML Assertion

You need to obtain a SAML assertion from the SAML IdP before calling the Telerik Platform endpoint for registration/authentication.

How you obtain the SAML assertion depends on your SAML IdP. Consult its documentation for detailed steps. The general steps include the following:

  1. Prepare an XML file with information specific to your SAML IdP and Telerik Platform.
    You will most likely need the Telerik Platform Audience URL and Reply URL.
  2. Send the XML file deflated, Base64-encoded and URL-encoded to a designated endpoint provided by the SAML IdP.
  3. Parse the XML response to extract the assertion value.
  4. Encode the assertion value to a URL-safe format.

Use your favorite web services library to make the calls.

Registering or Authenticating a User

The Backend Services JavaScript SDK provides a single method that is used for both registration and authentication. On first invocation the user is registered with Telerik Platform. On consequent invocations for the same user Telerik Platform authenticates the user.

The Authentication.loginWithSAML() method takes a URL-encoded SAML assertion that you must have acquired beforehand. On success, the method returns an object containing a Telerik Platform access token (not to be mistaken with the SAML assertion) that can be used with further Backend Services JavaScript SDK operations. In that, the loginWithSAML() method behaves similarly to the login() method. If the user has already been registered, the object contains Id and CreatedAt fields in addition.

var el = new Everlive('your-app-id');
var accessToken = "SAML assertion here";
el.authentication.loginWithSAML(accessToken,
    function (data) {
        alert(JSON.stringify(data));
    },
    function(error){
        alert(JSON.stringify(error));
    });

See Also

Contact us: +1-888-365-2779
sales@telerik.com
Copyright © 2016-2017, Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved.