LoanBeam supports SSO via SAML 2.0 (Microsoft Azure)
SSO Connectivity to LoanBeam
LoanBeam provides SSO connectivity to its clients through IDP initiated authentication.
Client user initiates SSO through an IDP initiated URL to gain access to LoanBeam. The IDP generates a SAML request which will contain various attributes like user email, user first name and user last name. The SAML request is posted to the LoanBeam assertion URL where it gets authenticated and parsed based on client X.509 certificate and SAML attributes. Valid users (based on Email ID attribute) are allowed access to the Loanbeam system
|
Environment - Stage |
Specifications |
|
SAML Version |
SAML 2.0 |
|
SAML Audience |
https://stageweb.loanbeam.com/ |
|
Assertion URL |
https://stageweb.loanbeam.com/Assertion/AssertionConsumerService |
|
Attribute Name |
USER_EMAIL, FIRST_NAME, LAST_NAME |
|
SSO Login URL |
<Client side IDP login URL> |
|
SSO Logout URL |
<Client side IDP logout URL> |
|
Signed Assertion |
Required |
|
Assertion Validity |
60 secs |
|
Partner Certificate |
Required |
|
Environment - Production |
Specifications |
|
SAML Version |
SAML 2.0 |
|
SAML Audience |
https://secure.loanbeam.com/ |
|
Assertion URL |
https://secure.loanbeam.com/Assertion/AssertionConsumerService |
|
Attribute Name |
USER_EMAIL, FIRST_NAME, LAST_NAME |
|
SSO Login URL |
<Client side IDP login URL> |
|
SSO Logout URL |
<Client side IDP logout URL> |
|
Signed Assertion |
Required |
|
Assertion Validity |
60 secs |
|
Partner Certificate |
Required |
Following steps are performed to on-board an account with SSO integration