Fullcast currently supports SAML v2 for Single Sign-On with enterprise Identity Providers such as Okta. These are the settings used to configure a SAML identity provider (IdP) for support with Fullcast. You must be a Fullcast Tenant Admin to complete this task.
To get started you will need to figure out your Fullcast Tenant ID. You can do this by clicking on your name at the top right corner of the Fullcast App and then under the profile section note down the Tenant ID. This is the set of numbers. Please exclude the friendly name within brackets at the end.
Post-back URL (ACS URL)
When using IdP-Initiated SSO, make sure to include the connection parameter in the post-back URL:
The ID of the service provider is:
connection.options.entityId if available.
SAML Request Binding
Also called the Protocol Binding, is sent to the IdP from Fullcast. If possible, dynamically set the value based on
|SAML Request Binding value
|Empty value ("") or not present.
If dynamically setting the value isn't possible, then set as either HTTP-Redirect (default) or HTTP-Post if you selected this option in Protocol Binding.
SAML Response Binding
How the SAML token is received by Fullcast from IdP, set as HTTP-Post.
SAML assertion and response
The SAML assertion, and the SAML response can be individually or simultaneously signed.
This is where the SAML identity provider will send logout requests and responses:
SAML logout requests must be signed by the identity provider.
Once the configuration is completed in your SSO IdP, please download the certificate in either
PEM format. You will need to send this into Fullcast.
Please download this image to use in your SSO environment for the Fullcast application.
IdP-initiated Single Sign-on
Not currently supported. You will have to start the login process by navigating to
to begin the SSO login process. In Okta you can use a bookmark App to allow login from the app directory.
To finish configuration of Single Sign On for your Fullcast instance, you will need to file a ticket with the below details:
- The Sign in URL for your IdP
- The x509 Signing Certificate in either PEM or CER format (see above)
You can alternatively contact your Fullcast Business Partner.