Single Sign-On (SSO)

Single Sign-On is the standard method Texas State uses to allow users to log into third party or cloud applications using their NetID and password. There are two options to choose from: Entra ID and Shibboleth

  • Available to: Faculty, Staff, Students
  • Where to use: Online
  • Cost: Free

Get Started

Step 1. IMPORTANT: Before submitting the request, you must gather the below information. Contact the Vendor for details.

  1. Application Name
  2. Vendor Name and Contact information
  3. Application Procurement Status
    • Procurement request ticket number if the request is still open
  4. Landscapes Available by Vendor/Service Provider (PROD, QUAL)
  5. SSO Type Being Requested (Entra ID or Shibboleth) - Learn the difference between Entra ID and Shibboleth.
    • Shibboleth
      • Vendor is a member of InCommon
      • Vendor/Service Provider Entitle ID
      • Application Supports Encrypted Assertions (Yes or No)
      • Application Supports Signed Assertions (Yes or No)
      • Application is SAML2 Compliant (Yes or No)
    • Entry ID
      • Application Support Types (OIDC or SAML)
      • Vendor Supports SCIM for User Provisioning (Yes or No)
      • Application is Published in the Azure AD Enterprise App Gallery (Yes or No)
        • If Yes, Application Name as it Appears in Azure AD Enterprise App Gallery
      • Restrict Access to Specific People or Security Groups
  6. Metadata URL or XML file - Learn more about Metadata.
    • Metadata is required. TXST does not create metadata for vendors.
  7. SSO Attributes
    • Any additional attributes not on the standard list
  8. A copy of the privacy policy (or URL) that governs what is done with data released

Step 2. Submit the Single Sign-On (SSO) request.

Step 3. After approval by the Information Security Office, Texas State will configure a trust relationship with the Service Provider in a QUAL environment on our end and preferably in a non-production environment on the SPs end also. Once validated, we duplicate the settings in production.

NOTE: Texas State does not offer vendors a test account. We test the functionality of the connections with the vendor and help them troubleshoot any issues as they arise.

Texas State Identity Provider (IDP) endpoints:

Environment 

 Entity ID and Metadata URL
Production (PROD) https://authentic.txstate.edu/idp/shibboleth
Quality Assurance (QUAL) https://authentic.qual.txstate.edu/idp/shibboleth

List of attributes Texas State can potentially make available to Service Providers.