SAML login is a feature Tulip offers as an integration with a your existing SAML provider.
This integration allows Tulip users to log in to Tulip the same way they log in to other systems in your organization.
SAML is a generic authentication protocol supported by a wide range of systems. In SAML terminology, Tulip is a Service Provider (SP), and your SAML software is the Identity Provider (IdP). The Identity Provider stores or federates information about users and what applications they have access to.
Tulip acts as one of those applications, and so it can use the SAML protocol to request information about users from the IdP when they log in.
How to Use SAML Within Tulip
When an operator or administrator attempts to log in to Tulip or the Player, they will see a screen like this:
After they click the button, they will be redirected to a SAML login modal like this:
When they log in for the first time, a new user will be created in Tulip with all relevant details from their SAML account.
How To Setup the SAML Integration On Your Tulip Account
Tulip will need three pieces of information to set up the SAML integration:
- A file or link to your SAML Identity Provider's metadata XML.
- A description of the SAML attribute statements your IdP provides and how they should map to Tulip user attributes.
- A decision on whether Tulip Operators log in to the Tulip Player using SAML or badge ID