This information applies to Talis Elevate and SAGE Catalyst which is also powered by the Talis Elevate platform.
Getting started
If your institution doesn't currently use Talis products, we will need to liaise with your IT Team so that we can configure our systems to use your University login and create a seamless experience for you and your students.
Outline of steps
- Contact your IT Department
- Give them the information in the rest of this article
- Your IT team then need to pass back to Talis
- The information requested below
- The name and email of an IT contact person
Configuring Talis Elevate for institutional login
Talis needs to trust your Identity Provider. The University needs to trust our Service Provider.
- Talis need to know what your EntityID is
- and if it appears in a federation we can look up your metadata from there.
- If your EntityID is not registered with a federation, then we need a direct link to your signed metadata.
The entityID and location of our metadata for the Talis Elevate login Service Provider is:
EU APAC - https://login.talisaspire.com/entity
Canada North America - https://login.ca.talis.com/entity
Smoothing the user experience
To allow us to utilise your institutional login mechanism, your IT department will need to send us the following pieces of information to fill out the required fields in Talis Elevate user profiles. These should be sent as SAML attributes.
Each university will have its own specific mix of authentication systems and data flows. The administrator of your university SAML2 Identity Provider (IDP) will need to configure this.
Talis are happy to have a conversation with your IT team to answer any questions they may have.
SAML Attribute Name in the eduPerson Object Class Specification | Talis Elevate Profile Field |
Description |
Mandatory urn:oid:1.3.6.1.4.1.5923.1.1.1.10 |
Targeted ID | A unique obfuscated identifier. We are aware that in future versions of eduPerson this will be deprecated. Transition information will be communicated at the appropriate time. |
Desirable One of the following: givenName |
First Name | The first or given name of the user |
Desirable One of the following: sn |
Surname | The Family or Surname of the user |
Desirable One of the following:
|
Email Address | The email of the user. |
If the SAML attribute names do not appear exactly as described above, then the value will not be included in the user's profile. Additional attributes may be mapped if required, but we'd need to discuss this with your authentication team.
On the Talis Side
Talis can help you test that the required parameters are being passed correctly. We will provide you with test links that you can use to see which attributes are being released to Talis.
Important Notes
- Profile name, surname and email are automatically updated on every login if those values change in the SAML attributes.
- Users can not normally edit their names or emails in their Talis Elevate profile. All changes for names and emails would be fed through from the university provided SAML attributes.
- If an attribute is not set, then users will be asked to fill in missing fields themselves.