1099 Pro has successful configurations with SSO identity providers like OKTA and OpenAM.
Note: These should be copied from the Admin/default.config file in the application folder.
The following are comments on what each key that is added to the web-config file does.
<add key="AppLogin" value="1"/>
<!--SSO-related keys: necessary when AppLogin=1 -->
<!-- Specifies Service Provider ID as it's identified for IdP →
<add key="entityId" value="ServiceProviderEntityID"/>
<!-- Specifies Identity Provider ID →
<add key="idpID" value="IdentityProviderEntityID"/>
<!-- Specifies UserID format: 0 - UserName/No domain; 1 - Domain\UserName; etc. →
<add key="nameIDFormat" value="0" />
<!-- Specifies Identity Provider URL →
<add key="SingleSignonIdProviderUrl" value="https://IdentityProviderURL" />
<!-- Specifies metadata XML downloaded from Identity Provider App Configuration →
<!-- This file must be in the Application directory\SSO\Docs folder→
<add key="metadatafilename" value="SSO\Docs\IdentityProviderMetadata.xml"/>
<!-- If "true" the application uses the metadata file specified in "metadatafilename" above to extract the certificate; otherwise the certificate file name specified in "idp-certificate" setting is used →
<add key="usemetadata" value="false"/>
<!-- Specifies IdP certificate used to sign the SAML response. If "usemetadata" setting is "true"; this property is not used. →
<!-- This file must be in the Application directory\SSO\Docs folder→
<add key="idp-certificate" value="SSO\Docs\IdentityProviderCertificate Name.crt"/>
<!-- Specifies SP certificate used to sign the SAML response. If "usemetadata" setting is "true"; this property is not used. →
<!-- This file must be in the Application directory\SSO\Docs folder→
<add key="sp-certificate" value="SSO\Docs\ServiceProviderCertificate Name.crt"/>
<!-- HTTP binding type→
<add key="SingleSignOnServiceBinding" value="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
<!-- Specifies SP-initiated POST endpoint. If "usemetadata" setting is "true"; this property is not used. →
<add key="httpPostEndPoint" value="https://IdentityProviderEndPoint/HttpPost" />
<!-- Specifies SP-initiated Redirect endpoint. If "usemetadata" setting is "true"; this property is not used. →
<add key="httpRedirectEndPoint" value="https://IdentityProviderEndPoint//HttpRedirect" />
<!-- End of SSO-related keys -->