In addition to the internal user authentication mechanism, eLabNext offers various Single Sign-On (SSO) authentication options (e.g. AD/LDAP/SAML).
For Private Cloud installations, SAML authentication is required. eLabNext has been tested to support SAML authentication with:
- Microsoft Active Active Directory Federation Services (AD FS)
- SimpleSAMLphp Service Provider
- OKTA server
- Onelogin
To set up federated login via SAML within eLabNext, navigate to the System Admin panel and open the System Setting tab. Open SAML Single Sign-On.
Here the urls for the Service Provider EntityID, the SAML metadata URL, the SAML Assertion URL and the Logout URL can be found. Use those in the SAML provider and set-up the mapping of the attributes eLabNext requires. In case you experience any problems or if you have any questions about setting up SAML authentication please contact eLabNext support.
Certificate Renewal
Important: When an organization renews its SAML certificates, the metadata should be reloaded in the eLabnext installation by clicking Load Metadata to reinitialize authentication with the organisation. To avoid any issues, please contact eLabNext Support before renewing certificates for more information.