
SAML Setup Guide for the iGrafx Identity Solution

What is SAML2?

SAML stands for Security Assertion Markup Language and is used to provide Single Sign-On (SSO) services to end users. It is used as a data exchange format between Service Providers (web applications that require their users to be authenticated) and Identity Providers (web applications that provide the required authentication). The iGrafx Identity solution acts as a Service Provider (SP) in this scenario, while your Azure AD, ADFS server or Okta instance acts as an Identity Provider (IDP).

SAML Flow with the iGrafx Identity Solution

Requirements

  • SAML 2.0 compatible Identity Provider

  • NameID format is email address

General Basic SAML configuration

For Europe/EMEA

  1. Identifier (Entity ID of the Service Provider): https://id.igrafxcloud.eu/realms/igrafx

  2. The specific Reply URL for your iGrafx Process360 Live will be provided to you by iGrafx
    ACS/Reply URL: https://id.igrafxcloud.eu/realms/igrafx/broker/YourTenant-idp-1/endpoint

  3. Sign on URL: https://YOUR_SUBDOMAIN.igrafxcloud.com

Rest of the World/NA

  1. Identifier (Entity ID of the Service Provider): https://id.igrafxcloud.com/realms/igrafx

  2. The specific Reply URL for your iGrafx Process360 Live will be provided to you by iGrafx
    ACS/Reply URL: https://id.igrafxcloud.com/realms/igrafx/broker/YourTenant-idp-1/endpoint

  3. Sign on URL: https://YOUR_SUBDOMAIN.igrafxcloud.com

SAML IDP Initiated SSO

IDP initiated SSO is available in preview. To use this feature, you’ll need to add an additional ACS/Reply URL to your SAML application and configure the application to use this new URL for IDP initiated SSO (generally by setting it as the default ACS/SSO URL).

The additional URL is built by copying the YourTenant-idp-1 part of your Reply URL and appending it as /clients/YourTenant-idp-1 to the end of your existing ACS/Reply URL. Depending on your region, your two URLs would look like this:

  • https://id.igrafxcloud.com/realms/igrafx/broker/YourTenant-idp-1/endpoint

  • https://id.igrafxcloud.com/realms/igrafx/broker/YourTenant-idp-1/endpoint/clients/YourTenant-idp-1
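A mistyped ACS/Reply URL or a mismatched broker alias is a common cause of failed SAML logins, so it helps to derive the values from the Reply URL rather than retype them. The following is an added example, not iGrafx code: `derive_sp_settings` is a hypothetical helper that checks a Reply URL against the pattern and regional hosts shown in this guide and returns the Entity ID and both ACS URLs.

```python
from urllib.parse import urlsplit

# Regional hosts as listed in this guide.
REGION_HOSTS = {
    "id.igrafxcloud.eu": "Europe/EMEA",
    "id.igrafxcloud.com": "Rest of the World/NA",
}


def derive_sp_settings(reply_url: str) -> dict:
    """Validate a Reply URL of the form shown in this guide and derive
    the Entity ID and both ACS URLs. Raises ValueError on any mismatch."""
    parts = urlsplit(reply_url.strip())
    if parts.scheme != "https":
        raise ValueError("Reply URL must use https")
    if parts.hostname not in REGION_HOSTS or parts.port is not None:
        raise ValueError(f"unexpected host: {parts.netloc!r}")
    if parts.username or parts.password or parts.query or parts.fragment:
        raise ValueError("Reply URL must not carry credentials, query or fragment")

    # Expected path: /realms/igrafx/broker/<alias>/endpoint
    seg = parts.path.split("/")
    if seg[:4] != ["", "realms", "igrafx", "broker"] or seg[5:] != ["endpoint"]:
        raise ValueError("path must be /realms/igrafx/broker/<alias>/endpoint")
    alias = seg[4]
    if not alias:
        raise ValueError("broker alias is empty")

    base = f"https://{parts.hostname}"
    sp_acs = f"{base}/realms/igrafx/broker/{alias}/endpoint"
    return {
        "region": REGION_HOSTS[parts.hostname],
        "entity_id": f"{base}/realms/igrafx",
        "sp_initiated_acs": sp_acs,
        "idp_initiated_acs": f"{sp_acs}/clients/{alias}",
    }


if __name__ == "__main__":
    # Placeholder tenant alias, as used in the guide.
    url = "https://id.igrafxcloud.com/realms/igrafx/broker/YourTenant-idp-1/endpoint"
    for key, value in derive_sp_settings(url).items():
        print(f"{key}: {value}")
```

The helper rejects a URL that already has the /clients/ suffix appended, which catches the case where the IDP initiated URL is pasted in place of the original Reply URL.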

Identity Provider Guides

You cannot use Single Sign on with your iGrafx Desktop client (Flowcharter Product).

To connect with your Process Design app, use the API authentication method.
