1️⃣ Why implement an SSO SAML?
Single Sign-On (SSO) via the SAML 2.0 protocol allows your users (students, educators, administrators) to connect to Edusign using their institutional credentials: Microsoft, Google Workspace, or any other compatible Identity Provider.
✅ Benefits for your institution:
Simplified connection, without a specific password to remember
Reduced risks associated with managing multiple accounts
Secure integration with your existing environment
Smooth and professional user experience
2️⃣ Prerequisites & information to provide
To configure your SSO SAML with Edusign, here is what you need to send us:
1. Service Provider Metadata (provided by Edusign)
Download the Service Provider metadata file from Edusign at this address:
👉 https://api.edusign.fr/integrations/saml/metadata
You will then need to import it into your IdP so that Edusign is recognized as an authorized service provider.
2. IdP XML Metadata File
You must provide us with the metadata file of your Identity Provider, which contains the essential information of your identity provider (IdP):
SAML Authentication URL (entryPoint)
Security Certificate
Other optional parameters (NameID, attributes, etc.)
Example: idp-metadata.xml
3. Domain for SSO
Provide us with the domain name(s) that will be used by your users to initiate the connection via SSO.
Example: student.mydomain.fr, admin.domain.com, etc
4. Test Account
Provide a test user account on your IdP so that we can validate proper integration functionality.
Example: a generic account with SSO rights activated. without any authorization other than logging in.
3️⃣ Configuration Steps
1. Metadata Analysis (by Edusign)
We analyze your IdP file to extract:
The entry URL (entryPoint)
The public certificate (cert)
Specific parameters (attributes, formats, etc.)
2. Integration of SP Metadata into your IdP
You must:
Download our SP metadata
Create a new SAML application in your IdP
Integrate our information (ACS URL, certificate, issuer, etc.)
3. Domain Configuration
Inform us of the domain(s) used in your email addresses. These will be associated with your organization in the Edusign database to properly redirect connections.
4. Tests & validation
We conduct tests with the provided account. Once validated, the SSO connection is activated for all your users.
4️⃣ Practical case, implementing SSO SAML with Google:
Create a new SSO provider in Google Suite:
Access Google Suite Administration: "Applications → Web & mobile > SAML Applications"
Create a new SAML application and set the issuer to “Edusign”
Enter the ACS URL provided by your Edusign advisor
Add the certificate provided by the OF (after removing line breaks and spaces) into the SSO table, CERTIFICATE column
Set “Name ID” to Email, then under “basic information” > “primary Email”
Configuration is not required for all users, it can be automatic or managed by the Edusign team according to default settings
5️⃣ How do your users connect with SSO SAML?
User connection steps:
On the School, Professor, or Student platforms, enter your institutional email.
The application detects your SSO, and you can click on "Connect via
"
You are redirected to your CAS login interface.
Once authenticated, you access Edusign without additional password entry ✅
Your colleagues will have the choice to go to your Single Sign-On portal or use their Edusign password. 😉
Otherwise, you can also:
On the School, Professor, or Student platforms, click on:
“Use Single Sign-On (SSO)”Enter your domain (e.g.,
my-institution.fr).You are automatically redirected to your CAS login interface.
Once authenticated, you access Edusign
Other SSO options available:
For an overview 👉 Learn everything about SSO
To go further, visit our help center.
💬 If you can't find your happiness, contact us via chat. 💬