Single Sign On (SSO)
      Back to home
      1. Help and Support | Digital Theatre+
      2. Authentication
      3. Single Sign On (SSO)

      How can SAML SSO users sign in?

      This article describes how to login to Digital Theatre+ using SAML Single Sign On

      There are two methods that we support:

      1. When you sign in via the web site, we match your email domain to your Identity Provider and redirect you to sign in
      2. SAML Deeplink / WAYFless, the URLs are different depending on whether you're a federated IdP user (UK Federation, InCommon etc.) or not.

      Sign in via the web site

      Pre-requisites

      1. Your SAML Identity Provider (IdP) has been correctly configured.
      2. The Digital Theatre+ SAML Service Provider (SP) has been correctly configured.
      3. Your email domain(s) have been associated with your IdP in the SP

      Instructions

      1. Using your web browser, go to https://edu.digitaltheatreplus.com
      2. Click 'Sign In'
      3. Enter your email address and click 'Next'

      What to expect

      Based on your email domain, you will be redirected to your organisation's sign on system.  Once successfully authenticated, you will be returned to Digital Theatre+ and you will see you are signed in.

      Your details will be shown in the top-right of the page, and clicking on your details will display additional information, such as which organisation your account is associated with, and the Sign out button.  

      Image showing user profile panel

      Sign in using a SAML Deeplink (Non-federated)

      Pre-requisites

      1. Your SAML Identity Provider (IdP) has been correctly configured and is not a Federated IdP (UK Federation, InCommon etc.)
      2. The Digital Theatre+ SAML Service Provider (SP) has been correctly configured.
      3. You will need the ACS URL associated with your organisation's account.  The ACS URL contains a unique identifier associated with your organisation.  If you don't have this information, please reply to the support email thread, or contact our team and we can provide it.

      The SAML Deeplink

      The ACS URL will be: https://auth.digitaltheatreplus.com/sso/saml2/<your-organisation-unique-identifier>/home/oidc_client/0oacoxy6tIkmNtvy34x6/aln177a159h7Zf52X0g8?fromURI=https://edu.digitaltheatreplus.com/callback?fromAcs=true

      You must replace <your-organisation-unique-identifier> with the correct value for your account.

      Instructions

      1. Put the SAML Deeplink somewhere your users can find it.
      2. Let your users know that the SAML Deeplink is how they should sign in to Digital Theatre+

      What to expect

      When your users follow this link, they will be redirected to your SAML IdP and then to the Digital Theatre+ website, and be signed in.

      The process is illustrated below.

      Login with ACS URL Illustration

      SAML Deeplink (Federated)

      Pre-requisites

      1. Your SAML Identity Provider (IdP) has been correctly configured and is a Federated IdP (UK Federation, InCommon etc.)
      2. The Digital Theatre+ SAML Service Provider (SP) has been correctly configured.
      3. You will need to know your Entity ID

      The SAML Deeplink

      https://digitaltheatre.proxy.cirrusidentity.com/saml2/idp/SSOService.php?spentityid=https://auth.digitaltheatreplus.com&RelayState=https://edu.digitaltheatreplus.com/callback?fromAcs=true&IDPList=<Your entity ID>

      You must replace <Your entity ID> with the Entity ID for your ID

      Instructions

      1. Put the SAML Deeplink somewhere your users can find it.
      2. Let your users know that the SAML Deeplink is how they should sign in to Digital Theatre+