SAML
SaleMove supports clients using Single Sign-On via Security Assertion Markup Language (SAML 2.0). SAML is an XML-based, open-standard data format that allows parties to securely exchange user authentication and authorization data. SAML-Based Single Sign-On (SSO) allows clients to have full control over the authorization and authentication of user accounts that can access to the web-based Operator Application. In this model, SaleMove acts as a service provider while SaleMove's clients act as identity providers that control usernames, passwords and other information used during the identification, authentication and authorization process of users by SaleMove web applications. In addition, all logs remain with the identity provider (SaleMove’s client) for audit purposes.
SaleMove supports two ways of SSO by means of SAML: Identity Provider (IdP) Initiated SSO (Unsolicited Web SSO) and Service Provider (SP) initiated SSO. In an IdP Initiated SSO a user is logged on to the IdP and attempts to access a resource (SaleMove) on a remote SP server. The SAML assertion is transported to the Service Provider (SaleMove) via HTTP POST.
The SAML parameters can be configured programmatically or by requesting help from your Success Manager.
Action: POST /saml
This creates a SAML provider that can be associated to a Site.
Parameters | Type | Required | Description |
| String | Yes | A URL to the SAML Provider endpoint that returns the Provider's configuration data |
| String | Yes | The |
| String | Yes | The name of the attribute within a SAML response where the Operator's email is placed |
| String | Yes | The subdomain that will be used by Operators to access the Operator console. E.g. if the subdomain is set to |
| String | No | The authentication context of the SAML |
| String | No | The name of the attribute within a SAML response where the Operator's name is placed |
| String | No | The name of the attribute within a SAML response where the Operator's email is placed |
Later the information of the new SAML provider can be fetched at the URL subdomain.app.salemove.com/saml/metadata. Where the subdomain is the value of the parameter subdomain sent along with the POST request.
Action: PUT /saml/{saml_id}
This updates the configuration of a SAML provider.
Parameters | Type | Required | Description |
| String | Yes | The |
| String | Yes | The |
| String | Yes | A URL to the SAML Provider endpoint that returns the Provider's configuration data. |
| String | Yes | The |
| String | Yes | The name of the attribute within a SAML response where the Operator's email is placed. |
| String | Yes | The subdomain that will be used by Operators to access the Operator console. E.g. if the subdomain is set to |
| String | No | The authentication context of the SAML |
| String | No | The name of the attribute within a SAML response where the Operator's name is placed |
| String | No | The name of the attribute within a SAML response where the Operator's email is placed |
While configuring the SAML provider via the Customer Success Manager the following parameters will be requested:
Parameters | Type | Required | Description |
| String | Yes | The certificate fingerprint used for authentication purposes between the IDP and the SP |
| String | Yes | The name of the attribute within a SAML response where the Operator's email is placed |
