Single Sign On All In One Setup Screen

Members of the Configurator group whose company has enabled the global Single Sign-On (SSO) feature can manage the communication between Talent Management as service provider and third party identity providers.

Contents of this Screen

To access the Single Sign On All In One Setup feature, you must:
  • Belong to the Configurator group in Talent Management.
  • Enable the global Single Sign-On (SSO) feature for your company (Administration » Global Settings » System Administration » Features » Core » Single Sign-On).

To use Single Sign On All in One Setup, Talent Management must serve as the service provider, and a third party provider such as Azure, Okta, ADFS, or Google must serve as the Identity Provider. Clients are required to configure SSO on their third party Identity Provider's side.

Note: The Single Sign On All in One feature currently supports only SSO with SAML IDP.
| Field | Description |
| --- | --- |
| Remote Metadata URL | This is the URL used to retrieve the metadata form. |
| The Service Provider Identity ID | This is the name by which this Single Sign On integration is identified on the vendor side. To update this field, go to Administration >> System Administration >> System Settings >> Integrations >> The Service Provider Identity ID. |
| Service Provider Encryption | This indicates whether encryption is turned on. It can be set to Enabled or Disabled. To update this field, go to Administration >> System Administration >> System Settings >> Integrations >> Service Provider Encryption. |
| Single Sign On Encryption Algorithms | This is the algorithm used by the Identity Provider to encode the assertions. To update this field, go to Administration >> System Administration >> System Settings >> Integrations >> Single Sign On Encryption Algorithms. |
| Name ID Claim | This is the claim type that provides the UID attribute in the request. This is used to identify the user in the system. To update this field, go to Administration >> System Administration >> System Settings >> Integrations >> Name ID Claim. |
| Email Claim | This is the claim type that provides the email/login attribute in the request. This is used to identify the user in the system. To update this field, go to Administration >> System Administration >> System Settings >> Integrations >> Email Claim. |
| ADFS Name ID Policy | This is the format of the Name ID element carrying the main identification for the integration. This is used to grant access to the user. To update this field, go to Administration >> System Administration >> System Settings >> Integrations >> ADFS Name ID Policy. |
| Single Sign On Relay State | This is the URL where a user is redirected after successful login. The post login logic to configure the SSO is housed here. To update this field, go to Administration >> System Administration >> System Settings >> Integrations >> Single Sign On Relay State. |
| SP: Assertion Consumer Service URL | This is the location of the AssertionConsumerService endpoint for the SP, where the IDP sends responses. If this location is empty, the URL from the request is used. To update this field, go to Administration >> System Administration >> System Settings >> Integrations. |
| SP: SAML Metadata | This is the XML document that contains the information necessary for interaction with Talent Management, such as URLs of endpoints. |