Feature Plan - Chouette - Authentication via SAML

Security Assertion Markup Language (SAML) is an open standard that allows identity providers (IdPs) to pass authorization information to service providers (SPs).

With this new feature, a SAML Identity Provider can be set up to manage authentication for our Chouette SaaS Organisation.

The users of our Organisation will be redirected to our SAML Identity Provider and must be authorized by it before they can use Chouette SaaS.

Set up a SAML Identity Provider in an Organisation

Authorized users can set up a SAML Identity Provider in their Organisation UI.

Chouette SaaS should be able to interact with the main SAML Identity Providers on the market, such as Azure AD or Google Workspace.

New user login experience

When the user signs in to Chouette SaaS, the first step is to provide their account email. The next step depends on how the associated Organisation is set up:

  • if no SAML Identity Provider is defined, the sign-in form asks for the account password

  • if a SAML Identity Provider is defined, the user is redirected to the configured SAML login URL
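
The email-first routing described above, as an added Ruby example (not Chouette's own code). The Organisation and User structs, their field names, the sample accounts and the IdP URL are constructed assumptions, as are the treatment of unknown emails and the https check on the login URL.

```ruby
require "uri"

# Hypothetical models; Chouette's real schema is not shown on this page.
Organisation = Struct.new(:name, :saml_login_url)
User = Struct.new(:email, :organisation)

# Constructed sample data.
ORGS = {
  "acme"  => Organisation.new("acme", "https://idp.example.test/saml/login"),
  "local" => Organisation.new("local", nil)
}.freeze
USERS = [
  User.new("alice@acme.example", ORGS["acme"]),
  User.new("bob@local.example", ORGS["local"])
].to_h { |u| [u.email, u] }.freeze

# Decide the second sign-in step from the account email alone.
def next_sign_in_step(raw_email, users = USERS)
  email = raw_email.to_s.strip.downcase
  url = users[email]&.organisation&.saml_login_url
  # Unknown emails fall through to the password step, exactly like
  # accounts whose Organisation has no Identity Provider defined.
  return { step: :password } if url.nil?

  # Only redirect to an https login URL (assumed policy).
  uri = URI.parse(url)
  raise ArgumentError, "SAML login URL must be https" unless uri.is_a?(URI::HTTPS)

  { step: :saml_redirect, location: uri.to_s }
end

# The password endpoint applies the same decision server-side, so a user
# whose Organisation has an IdP cannot skip it by posting a password directly.
def password_sign_in_allowed?(raw_email, users = USERS)
  next_sign_in_step(raw_email, users)[:step] == :password
end
```

Checking `password_sign_in_allowed?` in the password handler, not only in the form, is what makes the Identity Provider mandatory for the Organisation's users.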

User administration

With or without a SAML Identity Provider, users are managed directly in the Chouette SaaS Organisation. New users, profile selection, workbench access, etc. are managed via the Chouette SaaS interface.