SSO: SAML
This document focuses is an onboarding guide for SAML SSO with ReviewPro. It assumes that the reader understands authentication flows for SAML.
Introduction
SAML serves as the standardized protocol that enables secure, XML-based communication between identity providers and our platform.
By integrating SAML, we facilitate a seamless Single Sign-On (SSO) experience that eliminates the need for multiple credentials. This feature allows enterprise clients to centralize user authentication within their existing identity management infrastructure.
Security is enhanced by ensuring that sensitive passwords never leave the organization’s secure environment. Administrators benefit from automated user provisioning and instant access revocation across all connected corporate services.
Part 1: Identity Provider Setup
Before configuring authentication flows, ensure your identity provider (IdP) is properly configured:
SAML IdP Requirements
- Client Registration: Register your application with the IdP
- Identifier (Entity ID): Configure the Identifier as “reviewproapp”
- Reply URL/ACS URL: Configure https://app.reviewpro.com/saml/auth as Assertion Consumer Service URL
- Attribute Mapping: Configure user attribute mapping (email required)
- Binding Support: Ensure HTTP-POST binding is supported
- Sign on URL (Optional)
- Relay State (Optional)
- Logout Url (Optional)
Part 2: Attribute and Claim Mapping for IdP Configuration
This section defines the user information that your IdP sends to ReviewPro.
- Navigate to Attributes & Claims.
- Ensure that the unique user identifier (Name ID) is correctly mapped. The primary claim must be the user's email address.
|
Unique User Identifier (Name ID) |
user.mail (Email Address) |
Your user's email address on the identity provider must match that user's email address in Reviewpro Reputation. |
Part 3: Reviewpro Reputation Configuration
- Once you configure your IdP with SAML please contact Reviewpro Customer Success Team and provide the required information below:
- Login URL
- Microsoft Entra Identifier
- App-Federation Metadata URL
- Reviewpro will create the SSO profile and confirm to the client that it is ready for testing with one user.
- To test, open the Reviewpro platform and login with your user, once logged in, navigate into settings > Organization > Users
- Search for the user, enter edit mode, mark the option "SSO required”, select the "yes”, select the right profile and save.
- Test the login via your Single sign on.
Docs Navigation
- Overview
- Authentication
- Lookup Product ID (pid) for Your Account
- Lodging - Review Rating Distribution
- Lodging - Published Reviews Export
- Lodging - Customer Survey Questionnaires
- Semantic Concepts
- Semantic Mentions
- Published Reviews IFrame
- Surveys
- Surveys - Generating personalized links
- SSO: OpenID Connect
- SSO: Deprecated version
- Guest-stays API-endpoints
- SSO: SAML