The Fleetsu SSO integration allows you to authenticate supported SAML Identity Providers with Fleetsu. If your users already have a login to a company portal or intranet SSO might enable them to re-use those credentials to access Fleetsu. Fleetsu supports both IDP initiated and SP initiated authentication as well as user auto-provisioning with key user attributes.
Prerequisites:
Before you begin you will need:
- SAML based identity providers such as Microsoft ADFS, Auth0, Onelogin, Okta
- Administrative permissions to configure the Identity Provider
SSO Endpoint addresses:
Configure your Identity Provider with the following SAML/SSO options (please note if you use a custom domain, please replace app.fleetsu.com with your custom Fleetsu domain.)
- Fleetsu’s SSO Metadata file: https://app.fleetsu.com/v1/sso/metadata
- Audience (EntityID): https://app.fleetsu.com/v1/sso/metadata
- Recipient (Endpoint): https://app.fleetsu.com/v1/sso/acs
- Logout URL: https://app.fleetsu.com/v1/sso/sls
- Login URL: https://app.fleetsu.com/v1/sso/login
SSO attributes required:
| SSO Attribute Name | Value | Required |
| NameID | email address | Y |
| FleetsuRole | driver user supervisor manager sadmin | N – defaults to User if not present |
| FirstName | User First Name | Y |
| LastName | User Last Name | Y |
| PhoneNumber | User phone number (with +xx if available, otherwise defaults to account country code) | N |
| ProfilePictureUrl | URL of avatar image (must be publicly available without authentication) | N |
Once you have configured your SSO provider, please send the following information back to your Fleetsu technical representative to finalise the configuration:
- Your Identity Provider metadata.xml file
or
- EntityID
- SSO Service URL
- SSO Logout Service URL
- x509 Certificate
Testing and Validation
Once everything is configured, you can access the following URL to validate if all attributes have been set up successfully.