Integration Steps
1. Configure HostedScan as Service Provider
Step 1.1: Access SAML Settings
- Log in to your HostedScan account
- Navigate to Settings → SAML SSO
- Ensure you're on the Premium plan (upgrade required if not)
Step 1.2: Access Service Provider Metadata
- In the SAML settings, you'll find a link to your Service Provider Metadata
- This metadata contains:
- Entity ID (SP Identifier)
- Assertion Consumer Service (ACS) URL
- X.509 Certificate for signature verification
- Supported Name ID formats
2. Configure Your Identity Provider
Step 2.1: Add HostedScan as Service Provider
- Log in to your IdP administration console
- Navigate to Applications or Service Providers
- Add a new SAML application/service provider
- Upload the HostedScan SP metadata XML
Step 2.2: Configure IdP Settings
Configure the following in your IdP:
- Name ID Format:
urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
- Sign Assertions: ✅ Required - Must be enabled
- Sign Requests: ✅ Required - Must be enabled
3. Complete HostedScan Configuration
Step 3.1: Obtain IdP Metadata
- From your IdP, download the Identity Provider metadata XML
- This must contain:
- IdP Entity ID
- Single Sign-On Service URL
- X.509 Certificate for signature verification
- Supported bindings and protocols
Step 3.2: Configure IdP Settings in HostedScan
- Return to HostedScan SAML settings
- Paste the IdP metadata XML into the configuration field
- HostedScan will automatically extract:
- IdP Entity ID
- SSO URL
- X.509 Certificate