By implementing Single Sign-On (SSO), you give Trumba® publishers and editors access to their Trumba accounts through one standard sign-in process. No separate Trumba usernames and passwords are required.
For example, after SSO is set up, each Trumba account holder can use the same URL to directly access their individual accounts.
To provide SSO support, Trumba uses the Security Assertion Markup Language (SAML) XML standard. Trumba, as the service provider, communicates with your organization's SAML 2.0 identity provider. Your identity provider controls the information used to authenticate users.
Note Trumba Corporation is a sponsored partner member of the InCommon® Federation, which means that Trumba's SAML metadata is automatically propagated to the identity provider software of other InCommon participants.
To set up SSO in Trumba, you need to gather the following information from your SAML 2.0 identity provider software:
Note Trumba supports the SAML protocol which is also supported Active Directory Federation Services (ADFS). Trumba requires only the SAML metadata from your ADFS system, and how the user's email address is returned in the SAML response, either through the NameIdentifier element or a named attribute. For the Trumba metadata for setting up ADFS, see: https://www.trumba.com/sp.
During the set-up process, you select the location of the email address. If the location is a custom attribute, you also provide the attribute name.
Tip To avoid sign in conflicts after you set up SSO, editor account holders won't be able to change the email addresses and passwords associated with their Trumba accounts. Those options will be disabled in the editors' account settings forms. Administrator account holders will still be able to change editor sign-in credentials using the Administer Accounts option. Learn more.
To establish a trust relationship between Trumba and your identity provider software, go through this one-time set-up process.
Note If the Administer Accounts link is not available, please have your primary account holder contact Trumba Support at support@corp.trumba.com.
Tip Even with No selected, account holders can use their Trumba credentials to perform a limited set of API-related activies, such as accessing outbound feeds and ICS put operations.
If you select Custom Attribute, provide the attribute's name.
If you select Custom Attribute, provide the attribute's name.
If you select Custom Attribute, provide the attribute's name.
As the final step in the SSO set up process, configure your identify provider software so it recognizes Trumba as a service provider. Typically, this means entering the Trumba Entity ID and SAML metadata into that software.
If you're not an InCommon participant, to retrieve the SAML metadata, type the Trumba Entity ID URL into a browser address field.
If you need an SSO solution for your organization, consider the Idaptiv Identity Service. The Idaptiv App Catalog includes Trumba to simplify the setup.
If you need an SSO solution for your organization, consider the Idaptiv Identity Service. The Idaptiv App Catalog includes Trumba to simplify the setup.
For next steps, check into what you can do beyond establishing SSO for Trumba publisher/editor accounts, including: