SAML
Security Assertion Markup Language (SAML) is an open standard for authorization that enables third-party applications to obtain limited access to MyLogin user accounts, by delegating user authentication to MyLogin.
Flow
- Redirect the user from your app to MyLogin with a SAML Request
- The user logs in using their MyLogin credentials
- MyLogin posts a SAML assertion to your reply URL
Setting up in MyLogin
SAML is configured on your application's 'Manage developer settings' page in MyLogin, in the SAML SSO area.
We require two pieces of information: an Entity ID (Identifier) and an Assertion Consumer Service URL (Reply URL). These are described in more detail below.
Metadata
Our Metadata URL is: https://app.mylogin.com/saml/metadata.
Our X.509 certificate is available in the Metadata.
Entity ID (Identifier)
This is a globally unique identifier for your app. This should not contain port numbers.
Assertion Consumer Service URL (Reply URL)
This is the URL in your app to which we will post the user back, together with their SAML assertion providing details about the logged-in user.
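The checks an app would typically run on the assertion posted to its Reply URL, as an added example that is not MyLogin's code: after the XML signature has been verified against the certificate from the Metadata (and the assertion decrypted, if encryption is enabled) using a SAML library, not shown here, the Audience must match your Entity ID, the Recipient must match your Reply URL, and the current time must fall inside the validity window. The Entity ID, Reply URL, 60-second clock skew and sample assertion below are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
ENTITY_ID = "https://sp.example.com/saml"    # hypothetical Entity ID
ACS_URL = "https://sp.example.com/saml/acs"  # hypothetical Reply URL
SKEW = timedelta(seconds=60)                 # assumed clock-skew allowance

# Constructed sample assertion (not real MyLogin output).
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
 <saml:Subject><saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
  <saml:SubjectConfirmationData Recipient="https://sp.example.com/saml/acs"
    NotOnOrAfter="2024-01-01T12:05:00Z"/></saml:SubjectConfirmation></saml:Subject>
 <saml:Conditions NotBefore="2024-01-01T12:00:00Z" NotOnOrAfter="2024-01-01T12:05:00Z">
  <saml:AudienceRestriction><saml:Audience>https://sp.example.com/saml</saml:Audience>
  </saml:AudienceRestriction></saml:Conditions>
</saml:Assertion>"""

def _time(value):
    """Parse a SAML UTC timestamp; None if absent, malformed or without a zone."""
    try:
        parsed = datetime.fromisoformat(value.replace("Z", "+00:00"))
    except (AttributeError, ValueError):
        return None
    return parsed if parsed.tzinfo else None

def failed_checks(assertion_xml, now):
    """Names of failed checks; call only after the signature has been verified."""
    root = ET.fromstring(assertion_xml)
    if root.tag != "{%s}Assertion" % NS["saml"]:
        return ["not_an_assertion"]
    failed = []
    # Every AudienceRestriction must list our Entity ID, and one must exist.
    restrictions = root.findall("saml:Conditions/saml:AudienceRestriction", NS)
    if not restrictions or not all(
            any((a.text or "").strip() == ENTITY_ID for a in r.findall("saml:Audience", NS))
            for r in restrictions):
        failed.append("audience")
    scd = root.find("saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData", NS)
    if scd is None or scd.get("Recipient") != ACS_URL:
        failed.append("recipient")
    cond = root.find("saml:Conditions", NS)
    limits = [_time(scd.get("NotOnOrAfter")) if scd is not None else None]
    if cond is not None and cond.get("NotOnOrAfter") is not None:
        limits.append(_time(cond.get("NotOnOrAfter")))
    if any(t is None or now >= t + SKEW for t in limits):
        failed.append("expired")
    start = cond.get("NotBefore") if cond is not None else None
    if start is not None and (_time(start) is None or now < _time(start) - SKEW):
        failed.append("not_yet_valid")
    return failed
```

Pass `now` as a timezone-aware UTC datetime, and treat any non-empty result as a reason to reject the login.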
Encrypted Assertions
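We support sending assertions encrypted using the public part of an X.509 certificate you provide. For example, the following OpenSSL command generates a self-signed certificate (cert.pem) and an unencrypted private key (key.pem). Provide only the certificate, and keep the private key secret in your app, which needs it to decrypt the assertions: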
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365 -nodes