Route4Me SAML – Security Assertion Markup Language

In this guide, you can learn how to use Single Sign-On (SSO) with SAML (Security Assertion Markup Language) to log into Service Provider websites such as Route4Me with your existing user identity from your website or app. Additionally, you can learn how to add your app as a SAML Identity Provider for SSO to Route4Me.

How SAML SSO Works

SAML SSO works by transferring a user’s identity from one place to another, from the Identity Provider to the Service Provider. Specifically, your website is the Identity Provider, and Route4Me is the Service Provider. The identity transfer is done with an exchange of digitally signed XML documents.

For example, you are logged into a system (Identity Provider) and want to log in to a remote application, such as a support or accounting application (the Service Provider). In that scenario, you can follow the steps below.

  1. Open the SAML login page on the Route4Me website and enter your work Email.
  2. The application identifies your origin by Email and redirects you back to the Identity Provider, asking for authentication (authentication request).
  3. You either have an active browser session with the Identity Provider or create one by logging into the Identity Provider.
  4. The Identity Provider builds the authentication response as an XML document that contains your Username or Email address, signs it using an X.509 certificate, and sends this information to the Service Provider.
  5. The Service Provider, which already knows the Identity Provider and has its certificate fingerprint, retrieves the authentication response and validates it with the certificate fingerprint.
  6. Your identity is established, and you gain app access.


SAML SSO Flow

The diagram below illustrates the SAML Single Sign-On flow.

Figure: Security Assertion Markup Language (SAML) Single Sign-On (SSO) flow.


Add Your App as an Identity Provider

You can also add your app as an Identity Provider for SAML Single Sign-On to Route4Me.

Go to the SAML General Settings page and fill in the following fields.

| Field | Description |
|---|---|
| Domain | Your website domain. It must match your users’ Email domain. |
| Audience/Entity ID | The URL of your website (https://your-website.com). |
| Single Sign-On URL | URL to send an Authentication request to (https://your-website.com/saml/SSO). |
| X.509 Certificate | The IDP’s certificate data to verify the signature in the SAMLResponse issued by your website. |
| Sign Request | Indicates if outbound SAMLRequest should be signed. |

Next, go to the SAML Attributes Mapping page. You must map attributes in the Identity Provider (IDP) response to the respective user attributes used by Route4Me. Specifically, Email, First Name, and Last Name are required attributes, while Phone and Role are optional attributes.

After completing both previous steps, you can generate an XML file with the configuration that you have to set up on your website to register Route4Me as the Service Provider.

You are also required to add your company users to Route4Me. Go to the “Team” page to add your users.

Then, after completing the above steps, you can log into Route4Me by SAML.
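
One way a Service Provider could apply the fingerprint check from step 5 of the flow together with the attribute mapping and Email domain rules from the settings above. This is an added example, not Route4Me's code. The SHA-256 fingerprint, the function names, the IdP attribute names (mail, givenName, sn, role) and the sample response are assumptions constructed for illustration.

```python
import base64, hashlib, hmac
import xml.etree.ElementTree as ET  # for untrusted input use a hardened parser such as defusedxml

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
REQUIRED = ("Email", "First Name", "Last Name")  # required on the Attributes Mapping page
OPTIONAL = ("Phone", "Role")

def fingerprint(der: bytes) -> str:  # SHA-256 is an assumption; the page names no hash
    return hashlib.sha256(der).hexdigest()

def check_response(xml_text: str, pinned_fp: str, domain: str, mapping: dict) -> dict:
    """Return the mapped user attributes, or raise ValueError on a failed check."""
    root = ET.fromstring(xml_text)
    cert = root.find(".//ds:X509Certificate", NS)
    if cert is None or not cert.text:
        raise ValueError("no certificate in response")
    der = base64.b64decode("".join(cert.text.split()))
    # The certificate is public, so a match only selects the key; the XML
    # signature must still be verified against it by a SAML library.
    if not hmac.compare_digest(fingerprint(der), pinned_fp.replace(":", "").lower()):
        raise ValueError("certificate fingerprint mismatch")
    idp = {a.get("Name"): a.findtext("saml:AttributeValue", "", NS)
           for a in root.iterfind(".//saml:Attribute", NS)}
    user = {}
    for field in REQUIRED + OPTIONAL:
        value = idp.get(mapping.get(field, ""), "").strip()
        if value:
            user[field] = value
        elif field in REQUIRED:
            raise ValueError(f"missing required attribute: {field}")
    local, _, email_domain = user["Email"].rpartition("@")
    if not local or email_domain.lower() != domain.lower():
        raise ValueError("Email domain does not match the configured Domain")
    return user

# Constructed sample: the certificate bytes are a stand-in, not a real X.509 certificate.
SAMPLE_DER = b"constructed stand-in for the IdP certificate"
SAMPLE_XML = f"""<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 <ds:Signature><ds:X509Certificate>{base64.b64encode(SAMPLE_DER).decode()}</ds:X509Certificate></ds:Signature>
 <saml:Assertion><saml:AttributeStatement>
  <saml:Attribute Name="mail"><saml:AttributeValue>ann@your-website.com</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="givenName"><saml:AttributeValue>Ann</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="sn"><saml:AttributeValue>Lee</saml:AttributeValue></saml:Attribute>
 </saml:AttributeStatement></saml:Assertion></samlp:Response>"""
MAPPING = {"Email": "mail", "First Name": "givenName", "Last Name": "sn", "Role": "role"}
if __name__ == "__main__":
    print(check_response(SAMPLE_XML, fingerprint(SAMPLE_DER), "your-website.com", MAPPING))
```

The optional Role attribute is mapped but absent from the sample response, so it is skipped rather than rejected.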
