Setting up SAML Single Sign-On (SSO) for ELSA Business

This guide outlines how to configure your Identity Provider (e.g., Microsoft Entra ID, Okta, Google Workspace) to enable Single Sign-On for your users in ELSA.

Step 1: Service Provider Details (What We Provide)

1. First, please contact ELSA Customer Support to request for the ACS URL and SP Entity ID.
2. Then create a new SAML Application in your Identity Provider and insert the credentials received. These tell your system where to send the login requests.
   • ACS URL (Reply URL): [https://auth.elsanow.io/Tnd...IV7LP4](https://auth.elsanow.io/Tnd...IV7LP4) (example)
   • SP Entity ID (Identifier): [https://auth.elsanow.io/Tnd...IV7LP4](https://auth.elsanow.io/Tnd...IV7LP4) (example)

Step 2: Configuration & Mapping (What You Do)

Once you have entered the URLs above, you must configure how your system sends user data to us. ELSA requires specific user details of the student to successfully create or log in a user. Please configure your system to send the following attributes.

Required Data

Attribute Name to Send

Email Address

email OR http://.../emailaddress

First Name

firstName OR http://.../givenname

Last Name

lastName OR http://.../surname

Step 3: Final Exchange (What You Send Back)

To finish the connection, we need your system's configuration file.

1. Locate the Metadata XML file in your Identity Provider (often found under "Sign On" settings, "App Federation Metadata," or "IDP Metadata").

2. Download the XML file.

3. Send the XML file to your ELSA representative.

Once we receive your Metadata file, we will complete the setup and notify you when SSO is active.