How To Use SAML for User Management in Tulip
Here's how to prepare to integrate with a SAML directory.
Tulip integrates with your existing SAML provider and allows you to use SAML login/logout in different parts of the platform.
This integration allows Tulip users to log in to Tulip the same way they log in to other systems in your organization.
SAML is a generic authentication protocol supported by a wide range of systems. In SAML terminology, Tulip is a Service Provider (SP), and your SAML software is the Identity Provider (IdP). The Identity Provider stores or federates information about users and what applications they have access to.
Tulip acts as one of those applications. It can use the SAML protocol to request information about users from the IdP when they log in.
Tulip adheres to the SAML 2.0 specification.
Your identity provider must support the ForceAuthn argument from the SAML 2.0 specification.
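One way to confirm during integration testing that an IdP honors ForceAuthn, shown as an added example (not Tulip's own code): decode the AuthnRequest from a captured login redirect to see whether ForceAuthn is set, then check that the AuthnInstant in the IdP's response is not older than the request. The HTTP-Redirect binding, the `idp.example.test` URL, the 60-second skew and all sample messages are assumptions constructed for illustration.

```python
import base64, zlib
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone
from urllib.parse import parse_qs, urlencode, urlparse

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

def decode_redirect_request(url):
    """Return the AuthnRequest element carried in an HTTP-Redirect binding URL."""
    b64 = parse_qs(urlparse(url).query)["SAMLRequest"][0]
    # The redirect binding uses raw DEFLATE (no zlib header), hence wbits=-15.
    return ET.fromstring(zlib.decompress(base64.b64decode(b64), -15))

def requests_force_authn(authn_request):
    """ForceAuthn is an xs:boolean, so "true" and "1" both mean true."""
    return authn_request.get("ForceAuthn", "false") in ("true", "1")

def authn_is_fresh(response_xml, request_sent, skew=timedelta(seconds=60)):
    """True only if every AuthnStatement was issued after the request (minus skew).
    An IdP that ignores ForceAuthn reuses its session and returns an old AuthnInstant.
    Test helper only: real responses must first pass signature validation in the
    SP's SAML library and be parsed with a hardened XML parser."""
    stmts = ET.fromstring(response_xml).findall(".//saml:AuthnStatement", NS)
    for s in stmts:
        raw = s.get("AuthnInstant")
        if raw is None or datetime.fromisoformat(raw.replace("Z", "+00:00")) < request_sent - skew:
            return False
    return bool(stmts)  # no AuthnStatement at all is also a failure

# ---- constructed sample data (not captured from a real deployment) ----
def _deflate_b64(xml):
    c = zlib.compressobj(9, zlib.DEFLATED, -15)
    return base64.b64encode(c.compress(xml.encode()) + c.flush()).decode()

SAMPLE_REQUEST = ('<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
                  'ID="_constructed1" Version="2.0" IssueInstant="2024-01-01T12:00:00Z" '
                  'ForceAuthn="true"/>')
SAMPLE_URL = "https://idp.example.test/sso?" + urlencode({"SAMLRequest": _deflate_b64(SAMPLE_REQUEST)})

def sample_response(instant):
    return ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
            'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:Assertion>'
            f'<saml:AuthnStatement AuthnInstant="{instant}"/></saml:Assertion></samlp:Response>')

if __name__ == "__main__":
    sent = datetime(2024, 1, 1, 12, 0, 0, tzinfo=timezone.utc)
    print("ForceAuthn requested:", requests_force_authn(decode_redirect_request(SAMPLE_URL)))
    print("re-authenticated:", authn_is_fresh(sample_response("2024-01-01T12:00:05Z"), sent))
    print("stale session reused:", not authn_is_fresh(sample_response("2024-01-01T08:00:00Z"), sent))
```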
Here are the SAML configurations that have been used with Tulip in the past:
- Require all Tulip users to log into Tulip or Tulip Player using their SAML username and password. Administrator and Operator access are specified based on a SAML attribute.
- Require all Tulip Operators to log into Tulip Player using only their badge ID, but require Tulip Administrators to log into Tulip using their SAML username and password. Administrator access is specified based on a SAML attribute.
Here's how to set up the SAML integration with Tulip:
- Migrating Existing Users to SAML Authentication
- Configuring the Tulip + SAML Provider Integration
- How SAML Impacts Different Features in Tulip