Integration Guide for SSO with Mosio

We're excited about our partnership and the possibility of integrating Single Sign-On (SSO) between our platforms. To facilitate the integration, we've put together an integration guide that outlines the methods we support.

1. Supported SSO Protocols:

• SAML 2.0 (Security Assertion Markup Language)
• Shibboleth (SP-initiated and IdP-initiated flows)
• Okta
  • See: https://www.okta.com/integrations/mosio/

2. Integration Steps:

2.1. Configuration on Mosio Side:

• Setup the authorization source:
  • Import the IdP Entity ID and the IdP metadata file.
  • Configure NameIDPolicy and any expected Attributes.
• Please specify the IdP metadata link(s) here for PROD and TEST:

2.2. Configuration on IdP Side:

• Create a new application for Mosio.
• Set the ACS (Assertion Consumer Service) URL*
• Set the Entity ID*

*Values will be provided by Mosio once the metadata is imported.

3. nameID and Attributes:

Mosio will typically use the user's email address as the identifier within our system. However, some IdP's may not treat this as a static value. Please suggest the preferred value if this is the case.

• nameID
  • Please supply the user's email address as the nameID. If this is not possible, please let us know and supply the email as an attribute.
• Please specify Attribute Release Policy (defaults provided, please edit):
  • mail - urn:oid:0.9.2342.19200300.100.1.3
  • givenName - urn:oid:2.5.4.42
  • surname - urn:oid:2.5.4.4

4. Testing and Validation:

• Once the configuration is complete, please notify us so we can perform testing together. This will ensure a smooth user experience.
• Mosio will provide both a test and a production environment. Once testing is complete in the test environment, the configuration will be imported in the production environment.

5. Support & Troubleshooting:

• If you encounter any issues during the integration, please reach out to our support team at [email protected], or reply to your open ticket.

We've worked hard to ensure a seamless and secure integration experience. If you have any additional requirements or questions, please don't hesitate to get in touch.