Scout SAML Parameters

WoundVision Scout SAML 2.0 (SSO) - Required Parameters

(SAML IdP XML Metadata may be provided via file or URL)

Parameters to be Configured

Description

Name

 

The Name field identifies the identity provider used for authentication. The Scout application uses it when creating and validating SAML requests and responses. This is also known as the Federation Service Identifier.

Example: https://idp.company.com/adfs/services/trust

Single Sign-On Service URL

The Single Sign-On Service URL (the Sign-In Page URL) is the address of the Identity Provider to which users are redirected for authentication. This URL can be obtained from the Identity Provider.

Example: https://idp.company.com/adfs/ls/

Single Logout Service URL

The Logout Page URL field represents the address where users are redirected after they log out of the Scout account.

Example: https://idp.company.com/adfs/ls/

Artifact Resolution Service URL

The Artifact Resolution Service URL is the address that describes how a relying party can retrieve a token directly from a claims provider.

Example: https://idp.company.com/adfs/services/trust/artifactresolution

Partner Certificate

 

The Partner Certificate is the public key of the signing certificate used by the Identity Provider. SAML requires that Identity Providers cryptographically sign their SAML assertions (containing confidential user identity information). The Scout application validates the signatures to confirm that the assertion came from a trusted source. The public key provided is used to perform the validation.

Pick a Base-64 encoded X.509 certificate (usually with a .PEM or .CER file extension) on your computer.

Configured Claims

Name ID – Required

Email – Required

Role – Optional

Given Name – Optional

Surname – Optional

When your users access the Scout account through the IdP, they are redirected to the SSO identity provider login page to authenticate with their corporate credentials before being granted access to the Scout service. WoundVision Scout metadata may be accessed HERE.
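The parameters listed above can be read directly from the IdP's SAML metadata XML and checked before they are submitted. The following Python is an added example, not WoundVision or Scout code: it extracts the Name (entityID), the three service URLs and the SHA-256 fingerprint of each signing certificate, and flags missing values or non-HTTPS endpoints. The metadata is constructed from the example URLs on this page, and the certificate bytes are a placeholder rather than a real certificate.

```python
import base64, hashlib
import xml.etree.ElementTree as ET  # for untrusted metadata, parse with defusedxml instead
NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata", "ds": "http://www.w3.org/2000/09/xmldsig#"}
URL_FIELDS = {"Single Sign-On Service URL": "SingleSignOnService",
              "Single Logout Service URL": "SingleLogoutService",
              "Artifact Resolution Service URL": "ArtifactResolutionService"}
PLACEHOLDER_DER = b"constructed placeholder bytes, not a real X.509 certificate"
# Constructed sample metadata using the example URLs from this page.
SAMPLE_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="https://idp.company.com/adfs/services/trust">
 <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
   <ds:X509Certificate>CERT_B64</ds:X509Certificate>
  </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  <md:ArtifactResolutionService index="0" Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
   Location="https://idp.company.com/adfs/services/trust/artifactresolution"/>
  <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
   Location="https://idp.company.com/adfs/ls/"/>
  <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
   Location="https://idp.company.com/adfs/ls/"/>
 </md:IDPSSODescriptor>
</md:EntityDescriptor>""".replace("CERT_B64", base64.b64encode(PLACEHOLDER_DER).decode())

def fingerprint(der):
    """SHA-256 of the DER bytes, for comparison with the IdP administrator out of band."""
    return hashlib.sha256(der).hexdigest()

def extract_idp_parameters(metadata_xml):
    root = ET.fromstring(metadata_xml)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("metadata has no IDPSSODescriptor")
    params = {"Name": root.get("entityID")}
    for field, tag in URL_FIELDS.items():
        el = idp.find("md:" + tag, NS)
        params[field] = el.get("Location") if el is not None else None
    # Only keys marked use="signing" (or unmarked) can serve as the Partner Certificate.
    params["Partner Certificate SHA-256"] = [
        fingerprint(base64.b64decode("".join(c.text.split())))
        for kd in idp.findall("md:KeyDescriptor", NS) if kd.get("use", "signing") == "signing"
        for c in kd.findall(".//ds:X509Certificate", NS)]
    # Flag missing values and endpoints that are not served over HTTPS.
    problems = [k for k, v in params.items()
                if not v or (k in URL_FIELDS and not v.startswith("https://"))]
    return params, problems

if __name__ == "__main__":
    print(extract_idp_parameters(SAMPLE_METADATA))
```

Comparing the printed fingerprint with the one the IdP administrator reads from the signing certificate confirms that the Partner Certificate being uploaded is the one the IdP actually signs with.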

Silent On-boarding

End users do not receive any welcome or activation email. New user accounts are created and activated automatically upon authentication. User accounts are created with basic roles (ImageCapture/ImageReview) unless otherwise configured with role claim mapping. Roles and facility access may be edited in Scout as necessary after the account has been created.

Facility/Role Mapping

Scout can be configured to provision facilities and role groups based on role claims provided during the authentication process. Please contact your WoundVision representative to learn more.