SAML 2.0 Support
TimeClock 365 supports SAML 2.0 as a Service Provider (SP). Any identity provider that is SAML 2.0 compliant can be used for SSO — including PingFederate, Auth0, OneLogin, ADFS, and others.
Configuration
- Standard SP-initiated and IdP-initiated SSO flows
- Attribute mapping — user fields mapped from IdP assertions
- Group-based access — SAML groups map to access control permission groups
- Signed assertions — required for security compliance
- Certificate rotation — supported without downtime