Certiverse SSO SAML Configuration

Certiverse SSO SAML Implementation

Accessing the SSO Configuration

1. Log in to Certiverse
2. Navigate to the Admin Portal
3. Select the Connectors tab
4. In the left menu, choose SSO
5. Click Connect on the Certiverse SSO card
6. Click Add Connector (top-right)

Connector Setup

General Settings

• Connector Type: SSO
• Connector Name: Display name for the connector (auto-populated)

SSO Settings

• Display Name
  The name shown to the candidate if they are prompted to choose a login option.
• Provider Name
  A unique identifier for the SSO connection.
• Landing Page Code
  A value appended to the end of the SSO URL to deep-link into this specific connection.
• Type: SAML
• Provider ID
  The unique identifier provided by the partner’s IdP (often manually entered by an admin, if a developed requires access to the environment please contact your Certiverse Customer Success Manager for temporary access).
  • This is often referred to as the Entity ID.

SAML Configuration

There are two configuration options:

1. Metadata URL (Preferred)

Most IdPs provide a metadata URL.

• Metadata URL: Provided by the IdP

1. Manual Setup

If a metadata URL is not available, the following fields are required:

• Authorize Endpoint
  URL provided by the IdP to initiate SAML authentication.
  Also referred to as:
  • IdP SSO URL
  • SingleSignOnService Location
• Signing Certificate
  The IdP’s public X.509 signing certificate, provided as a Base64-encoded string (usually starting with MI).
  This certificate is used to validate the authenticity and integrity of SAML responses.
• Test Mode
  Used during testing. When set to true:
  • The SSO connection is not publicly available
  • Access is only possible via a deep link
  • Candidates cannot take exams while the connection is in test mode

Values Generated After Saving

Once the connector is saved, two values will appear in the UI. These must be configured in the organization’s IdP:

• Certiverse Entity ID / Provider ID
• Certiverse Callback URL

Enabling the SSO Connection

To activate the connection:

1. Navigate to the User Authentication tab on the Organization Edit page.
2. Click Assign SSO Connection
3. Select the connector you just created
4. Modify authentication behavior if desired

Additional Information:

1. Certiverse Production URL: https://certiverse.com/#/
2. Certiverse Sandbox URL: https://qa.pvalue.co/#/ 
3. User Authentication Settings:
   1. Display SSO Log-In option on Certiverse Home Page
      1. If toggled on, your organization will be listed under the Organization log-in button on the Certiverse home page (top right). Users will be taken to the SSO log-in flow for your organization if they select your organization.
   2. Require SSO Log-In for Candidates:
      1. If toggled on, all candidates will need to log-in using a configured organization SSO to book or take exams. Candidates who create a Certiverse account, without the organization SSO, will not be able to book or take an exam.
      2. Organizations can allow both SSO-directed candidates and non-SSO directed candidates to book exams. To utilize this feature, simply leave Require SSO To Book an Exam toggle off, when assigning the SSO Connection to your Organization.
   3. Block SSO Log-In from Certiverse and Display Log-In Instructions
      1. If your organization requires candidates to begin their SSO log-in journey from another site, enable this feature, and add instructions along with the appropriate URL for where they should begin.

Contact Us

If you have any questions or need additional assistance, please contact us by emailing support@certiverse.com.