Single Sign On (SSO) using SAML

Security Assertion Markup Language (SAML) is an open standard for authentication and authorisation, enabling secure single sign-on (SSO) across different systems and platforms. Enable and configure this integration to allow users to sign in using their existing institutional credentials, eliminating the need to manage separate Connect accounts for your staff users.

Jadu Connect supports a number of popular Identity Providers (IdP) such as:

Microsoft Entra ID (Microsoft Azure Active Directory)
Microsoft Entra External ID
OneLogin
Shibboleth

note

The integration has been tested against Microsoft Entra External ID, Microsoft Azure AD and Shibboleth, other identity providers (IdP) that support SAML 2.0 can also be used with this integration

Jadu Connect allows Staff and non-Staff user accounts to be configured separately for SSO, enabling different authentication approaches for internal and external users.

Connect defines Staff and non-Staff accounts as:

User Type	Description
Staff	Staff users are internal users who belong to the organisation operating Connect. They typically: Are employees or contractors of the organisation Authenticate using the organisation’s identity provider (for example, via SSO) Access Connect to manage, process, or administer cases and workflows Have elevated permissions compared to external users Example: council officers, university staff, internal support teams.
Non-Staff	Non-staff users are external users who do not belong to the organisation’s internal workforce. They typically: Are members of the public, students, applicants, or partners Authenticate using a public or self-service account (for example, email and password) Access Connect to submit forms, track requests, or interact with services Have limited, role-specific access Example: residents, applicants, parents, students, or suppliers.

User Type

Description

Staff

Staff users are internal users who belong to the organisation operating Connect.

They typically:

Are employees or contractors of the organisation
Authenticate using the organisation’s identity provider (for example, via SSO)
Access Connect to manage, process, or administer cases and workflows
Have elevated permissions compared to external users

Example: council officers, university staff, internal support teams.

Non-Staff

Non-staff users are external users who do not belong to the organisation’s internal workforce.

They typically:

Are members of the public, students, applicants, or partners
Authenticate using a public or self-service account (for example, email and password)
Access Connect to submit forms, track requests, or interact with services
Have limited, role-specific access

Example: residents, applicants, parents, students, or suppliers.

SAML authentication integrations

Jadu Connect provides two SAML authentication integrations:

SAML Admin Authentication used to configure Single Sign On for staff users
SAML User Authentication used to configure Single Sign On for non-staff users

Both integrations use the same settings and behave in the same way unless otherwise stated.