How to configure Single-Sign-On with SAML in REACH

ARTICLE: How to configure Single-Sign-On with SAML within your Reach Portal


You can configure Single Sign On using SAML directly within your REACH portal at System Configuration > Authentication.

A Single Sign In option will appear on the REACH login screen, allowing users to access REACH through your school's Single Sign In authentication.



How to Configure SAML in REACH

1.  Create a SAML application in your IdP to represent REACH.
  1. This will need an "Entity Identifier", which for REACH will be https://<REACH Portal address>
  2. This will also need an "Assertion Consumption Service URL" or "ACS URL", which for REACH will be https://<REACH Portal address>/samlACS
2.  During or at the end of this creation process, the IdP will typically expose some information for copying or downloading, which you will need to enter on the Authentication page in REACH (System Configuration > Authentication):
  1. Public signing certificate - enter this into the Identity Provider Public Key(s) field
  2. SSO URL - enter this into the Identity Provider Login URL field
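If your IdP offers a metadata XML download, the values for both steps can be pulled out and sanity-checked with a short script. This is an added example, not REACH's or any IdP vendor's code; the function names, the sample metadata and the hostnames are constructed for illustration, and because the page does not state which SAML binding REACH expects, the script simply returns the first https SSO endpoint it finds.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample; certificate bodies are placeholder bytes, not real certificates.
SAMPLE_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.edu/saml">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="encryption"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>RU5DUllQVElPTi1LRVk=</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>
        U0lHTklORy1DRVJULVBMQUNFSE9MREVS
      </ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://idp.example.edu/saml/sso"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""

def reach_sp_values(portal_address):
    """Entity Identifier and ACS URL to enter in the IdP, per the patterns in step 1."""
    base = "https://" + portal_address.strip().rstrip("/")
    return {"entity_id": base, "acs_url": base + "/samlACS"}

def idp_values_for_reach(metadata_xml):
    """Signing certificate(s) and SSO URL to enter on the REACH Authentication page."""
    if "<!DOCTYPE" in metadata_xml:  # refuse DTDs, which enable entity-expansion tricks
        raise ValueError("metadata must not contain a DOCTYPE")
    idp = ET.fromstring(metadata_xml).find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("no IDPSSODescriptor in metadata")
    certs = []
    for kd in idp.findall("md:KeyDescriptor", NS):
        if kd.get("use", "signing") == "signing":  # no 'use' attribute: key serves both purposes
            certs += ["".join((c.text or "").split())
                      for c in kd.iterfind(".//ds:X509Certificate", NS)]
    urls = [s.get("Location", "") for s in idp.findall("md:SingleSignOnService", NS)]
    urls = [u for u in urls if urlsplit(u).scheme == "https"]  # reject plain-http login URLs
    if not certs or not urls:
        raise ValueError("metadata lacks a signing certificate or an https SSO URL")
    prints = [hashlib.sha256(base64.b64decode(c)).hexdigest() for c in certs]
    return {"public_keys": certs, "login_url": urls[0], "sha256": prints}
```

Compare the returned SHA-256 fingerprint with the one your IdP's admin console shows for its signing certificate before entering the certificate in REACH, so that an encryption-only or stale certificate is not entered by mistake.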




Suggested Support resources for various systems

You can access some official support guides for various systems at the links below:
  1. for Google GSuite go to
    https://support.google.com/a/answer/6087519?hl=en

  2. for AD FS you can go to
    https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/create-a-relying-party-trust

  3. for Azure AD you can go to
    https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/add-application-portal-setup-sso


