TealIQ SSO Integration Guide

Introduction

This guide will walk you through the configuration of Single Sign-On (SSO) via SAML 2.0 for seamless authentication within the Teal iQ application by TealBook. You will need to configure your Identity Provider (IDP) with specific values from our platform and ensure the proper configuration is done to enable secure access.

Prerequisites

Before you begin, please ensure that:

  1. You have administrator access to your IDP.

  2. You are familiar with SAML 2.0 and how to configure an SSO application within your IDP.

  3. You are a Teal iQ administrator and can access the Teal iQ SAML SSO settings page and view the following values:

    1. ACS/Single Sign-On URL

    2. SP Entity ID

    3. Public Key Certificate Download

 

If you are not a Teal iQ administrator, please either: 

  • contact your system administrator so that they can go through this process to configure SSO for your organization’s Teal iQ Application.

  • Or if you believe you should have administrator privileges, contact TealBook Support.

Step 1: Locate Your SSO Settings

  1. Log in to the Teal iQ  application as an administrator.

  2. Navigate to the SAML SSO Settings page. 

 

  1. On the page, you will see the following key details that need to be configured in your IDP:

    • Assertion Consumer Service (ACS) URL / Single Sign-On URL: This is the URL where your IDP will send SAML assertions.

    • SP Entity ID: This is the unique identifier for our service provider, which your IDP will use to recognize us.

You can copy these values directly into your IDP configuration. 

Copying ACS URL and SP Entity ID

  1. ACS URL: Copy this URL and input it into your IDP configuration under the corresponding SSO URL or Assertion Consumer Service URL.

  2. SP Entity ID: Copy this value and input it into your IDP configuration under the corresponding Service Provider Entity ID.

Note: We currently only support email addresses as the Name ID format. Ensure that your IDP is configured to send the email address as the Name ID format.

 

 

 

Public Key Certificate

  1. Our public key certificate is provided on the same page. You can download it for use in encryption configuration or leave it out if unencrypted assertions are preferred.

 

Step 2: Provide Metadata to Complete the Connection

You will need to provide either a metadata URL or the metadata in XML format to the Teal iQ application to establish the connection with our service.

  1. Metadata URL: If your IDP supports it, provide the metadata URL.

  2. Metadata XML: If you prefer, you can upload the metadata XML directly.

Once submitted, Teal iQ  will consume, parse, and validate the configuration values to establish a connection.

 


Step 3: Validate and Enable the Connection

Once the connection is successfully configured and the metadata is submitted, Teal iQ  will validate the details on our end. Once validated:.

  1. The Enable SSO flag in the top right corner will be activated for your account, enabling SSO logins.

  2. The bottom of the page will display your validated connection details under an ‘Organization SAML Connection’ heading.

 
 

Step 4: Logging In via SSO

  1. SP Initiated Mode: From the login screen of our application, select Login with SSO and enter your email address in the following screen to trigger the login process.

  2. IDP Initiated Mode: Alternatively, you can trigger the login process directly from your IDP by initiating the SSO login flow.

 

 

Conclusion

With these steps completed, you are now ready to use SSO via SAML 2.0 for seamless authentication. If you encounter any issues or have any questions, please feel free to contact TealBook Support - we are happy to help!