SSO Configuration
Demand.Center SAML 2.0 settings
Configuration for SAML SSO such as OneLogin
Settings from Identity provider:
Audience (Entity Id) - this can be the base url of your DC instance:
Identity Provider URL (Issuer URL):
Identity Provider login page URL (SAML 2.0 Endpoint):
Identity Provider Logout Url (Single Logout Endpoint):
X509 certificate:
If you have problems - remove prefixes such as ----BEGIN CERTIFICATE---- and ----END CERTIFICATE---- and any new lines
Settings for Identity provider:
Audience: must match the Audience (Entity Id) in this configuration
Consumer Url: https://yourinstancename.demand.center/FederatedAuthentication/ProcessToken
Recipient Url: https://yourinstancename.demand.center/FederatedAuthentication/ProcessToken
Relay State can be left blank
The Name Id can be the email address, the user name in the format "firstname.lastname" or an numeric Id
If the Name Id is anything other than an email address an attribute "Email" must be provided.
If the Name Id is an email the DC username will (by default) be the first part of the email address (before the @) - this can be overridden by the UserName attribute.
Supported attributes:
Email Address | |
UserName | firstname.lastname |
Role (or DCRole) | "Marketer" or "Moderator" - if not provided then the user is assigned "Marketer" |
GEO (or DCGEO) | the Demand Center GEO for the user eg: EMEA - if this is not provided the user will be assigned the first GEO in the GEO list in DC. |
New users will be directed to a User Page to complete Timezone and other information when they first log in.