AOK Hessen
- AOK Hessen
- Overview
- Client's SAML Configuration Details
- Requirements from Client
- Configuring single sign-on with OpenID Connect
- Configuring single sign-on with SAML
Overview
This document outlines the process for setting up a relying party trust for the client, AOK Hessen, in collaboration with tchop. The integration uses the SAML 2.0 Web SSO protocol to establish a secure authentication mechanism.
Below, tchop provides the federation metadata URL and callback URL, along with the mandatory and optional claims and attributes required for user identification and access. The document also specifies the information needed from the client to complete the setup and to test it after implementation.
Steps for setting up relying party trusts in Microsoft Active Directory Federation Services (AD FS) can be found here: Create a Relying Party Trust.
For a visual reference, you can watch this YouTube video: Setting up Relying Party Trusts.
Client's SAML Configuration Details
- Federation metadata URL: https://tchop.it/api/webapp/sso/saml/metadata.xml?organisation=aokhessen
- Callback/Redirect/Reply URL: https://tchop.it/api/webapp/sso/saml/callback?organisation=aokhessen
- Supported protocol: SAML 2.0 Web SSO
- Claims & Attributes
  - Mandatory Claims
    - Full Name
    - sub (external user id)
  - Optional Claims
    - Position
    - Department
    - Phone Number
    - Custom Fields
Requirements from Client
- SAML SSO URL / SignIn Page
- Certificate Fingerprint or App Federation Metadata URL
By following this structured approach, we aim to ensure a smooth and efficient setup process, fostering a reliable and secure authentication mechanism for AOK Hessen.
Configuring single sign-on with OpenID Connect
Redirect URLs:
Web App:
Configuring single sign-on with SAML
Web App
- Metadata URL: https://tchop.it/api/webapp/sso/saml/metadata.xml?organisation=aokhessen
- Metadata XML file: to be provided once we get info from client
- Callback/Reply URL: https://tchop.it/api/webapp/sso/saml/callback?organisation=aokhessen
- Certificate Fingerprint: to be provided once we get info from client
- Direct SAML login link for Web App: https://news-aokhessen.tchop.it/webapp/auth/login?loginSAML=true