Versions Compared

Version Old Version 16 New Version 17
Changes made by

Julie Isebaert

Julie Isebaert

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Prerequisites for Automatic creation of Cobundu users, see section "Cobundu SSO".

 Image Added

Cobundu SSO

Cobundu SSO is available for Go.cobundu.com and Personal Assistant.

Prerequisites for Cobundu SSO

...

  • MCS account for user must exist
    • Ideally, an HR interface takes care of automatic creation of MCS users
    • In case the logged in user doesn’t exist in MCS, the user will not be able to use any MCS-dependant features like making reservations.
  • Cobundu SSO Identity Provider Mapping (receiving following attributes from the identity provider: "MCS login ID", "First Name", "Last Name" and "E-Mail“)
    • In case the “MCS login ID” attribute is not correctly mapped, the user will not be able to use any MCS-dependant features like making reservations.

How is it set up?

Cobundu supports SAML 2.0 protocol which is the industry standard among all up-to-date integrations.
The SSO configuration from MCS cannot be re-used on Cobundu. These are 2 separated apps from the Identity Provider perspective, and each requires an independent SSO federation setup.

Development takes 3 – 4 MDs (incl PM).  The estimate depends on configuration and regulations on the Identity Provider in terms of supported SAML 2.0 options and features, as well as on the maturity of IT staff that is responsible for configuring federation on the customer side. The estimate does not cover HR interface setup on MCS (user accounts sync), which is a prerequisite for SSO to work on Cobundu.

Contact applicationintegration@spacewell.com for a more detailed quote or to plan your next project.

How does it work?

A user logging in with Cobundu ID (tenant.ID) is recognized as being part of a tenant where SSO has been setup and Cobundu will automatically create a Cobundu account.

A user logging in with e-mail address is now also supported: It uses a whitelist of e-mail providers (eg @spacewell.com or @mcs.be) to check the tenant. To whitelist an e-mail domain, add it to Settings > SAML SSO > "Allowed email domains (comma separated)" (underneath "Auto-Create user").

Image Removed 

 

On GO, if your customer has SSO installed and you want to bypass (and login using your Cobundu ID), go to https://go.cobundu.com/no-sso; select "Log in with your Cobundu credentials"; then log in with your Cobundu ID and password.

...