How to Request a Single Sign-On (SSO) Integration for Your Application

The purpose of this document is to provide guidance for users on how to request a single sign-on integration with their new cloud service or application.

Setting up Web Single Sign-On (SSO) enables Rice community members to securely log in to new cloud services or applications using their standard Rice NetID and password. The integration process requires coordination between you (the application owner), the external vendor, the Information Security Office (ISO), and the Identity and Access Management (IAM) team.

Important Prerequisite: The Identity and Access Management team cannot proceed with an SSO integration until the Information Security Office (ISO) completes a vendor security assessment. All external vendors or cloud services must be vetted to ensure they meet Rice's security requirements. To request a security review, please submit a ticket at helpdesk@rice.edu.

The WebSSO Integration Process

Infographic showing the steps required for a successful WebSSO Implementation

Depending on the application's needs, here is what you can generally expect during the SSO setup process:

  • Step 1: Submit Integration Details. Provide as much detail as possible about the application and the integration.
  • Step 2: IAM Team Review. The IAM team will receive your request, verify the Vendor Security Assessment (VSA) status with ISO, and review your integration details.
  • Step 3: Address Follow-ups. If more information is needed, the IAM team will contact the application owner and/or the vendor to clarify integration details. Note: The IAM team will work directly with the vendor's technical contact to work through complex configuration questions.
  • Step 4: Application Configuration. Once all necessary information is gathered and confirmed, the IAM team will configure the application to use SSO. The application will also need to be configured by the application owner or vendor to use SSO. 
  • Step 5: Prepare for Testing. The IAM team will notify you when the configuration is complete and ready for your testing.
  • Step 6: Final Test & Go-Live.  Following successful testing between the Service Provider (the vendor's application) and the Identity Provider (Rice), the integration is complete, and the request will be marked as resolved.

What You Can Do to Speed Up the Process

When you submit your integration details (Step 1), gathering the following vendor information upfront will significantly expedite the integration process:

    • The Rice service owner: Who will be the service administrator on the Rice side?

    • Vendor technical contact: The vendor's SSO technical contact (usually a specialized engineer, not general customer support).

    • Vendor documentation: Any documentation or guides the vendor can provide about their specific SSO requirements.

    • Application usage details: Knowing who at Rice should have access, what user attributes are expected (e.g., email, first name, last name), and how users will be added to the system.

    Tip: Feel free to share this information with your vendor ahead of time: Rice uses Shibboleth as our identity provider (IdP), and our required setup file (metadata) can be found at https://idp.rice.edu/idp/shibboleth.


    Keywords:
    SSO, sso, SAML, saml, iam, integration, application 
    Doc ID:
    161599
    Owned by:
    Ajsia J. in Rice U
    Created:
    2026-05-27
    Updated:
    2026-06-04
    Sites:
    Rice University