Summary

In order to enable SSO with Ren, a client system administrators needs to create a new SSO connection within the client’s authentication systems (IdP) and provide the required information to Ren. Ren will then enabled the connection. Ren uses Auth0 by Okta to manage SSO connections (see details below).

<aside> ❓ If you have questions, please do not hesitate to contact us at [email protected]

</aside>

Information for the Client

1. Sign-On URL / Callback URL / Reply URL / Assertion Consumer Service URL

   [https://auth.rensystems.com/login/callback?connection=<connectionName>](https://auth.rensystems.com/login/callback?connection=<connectionName>) (<connectionName> will be provided to client by Ren IT)

2. EntityID

   urn:auth0:prod-rensystems:<connectionName>

3. Ren uses “Signed SAML response and assertion” using RSA-AES256.

   RenSystems_SAML_Cert_expire_2036-11-14.pem

Information Ren requires from Client

Please provide information to the following points:

1. List of all email domains used by client. (Ren will enforce SSO for these domains.)
2. List of email domains returned by IdP.
3. Attribute mapping: For attribute mapping, Ren suggests separate explicit mapping. Therefore, please provide attribute names of the 3 attributes sent:
   1. First Name
   2. Last Name
   3. Email Address
4. Sign-In URL (e.g. samlp.clientdomain.com/login)
5. Signing certificate (SAMLP server public key encoded in PEM or CER format)

Context: How Ren sets up connection on Auth0 by Okta

Documentation by Auth0 by Okta

• https://auth0.com/docs/authenticate/single-sign-on/outbound-single-sign-on/configure-auth0-saml-identity-provider

Connection Dashboard Example