SAML SSO Partner Analysis Form
Please review and complete the following form to provide all necessary information for your SAML SSO integration setup with Candescent Digital Banking.
Partner Information
| Field | Value |
|---|---|
| Partner Name | |
| Primary Project Contact | |
| Phone Number | |
| Email Address | |
| Primary Technical Contact | |
| Phone Number | |
| Email Address |
Application Details
| Field | Value |
|---|---|
| Application Name | |
| Application Description | |
| Service Provider Entity ID |
Endpoint Configuration
Production Environment
| Field | Value |
|---|---|
| Assertion Consumer Service URL | |
| Encryption Certificate |
Test/Stage Environment (if different)
| Field | Value |
|---|---|
| Test URL Endpoint | |
| Test Encryption Certificate |
Certificate Format
The certificate should begin with the following header:
-----BEGIN CERTIFICATE-----
Payload Details
| Field | Value |
|---|---|
| Required Data Fields | |
| Additional Data Fields Requested |
Technical Requirements Checklist
Please confirm the following requirements are met:
- Assertion Consumer Service URL supports HTTPS on port 443
- X509 Certificate from trusted CA (production) or self-signed (test)
- System time synchronized via NTP
- Able to process encrypted SAML assertions
- Able to validate SAML assertion signatures
- TLS 1.2+ supported for all communications
Security Algorithm Preferences
Digital Signature (select one)
- RSA SHA256 (Recommended)
- RSA SHA384
- RSA SHA512
- RSA SHA1
Encryption (select one)
- AES-128 (Recommended)
- AES-256
- Triple DES
Multi-FI Vendor Information
If your application will be available to multiple Financial Institutions:
| Field | Value |
|---|---|
| Static Endpoint URL | |
| Static Encryption Certificate |
Important
For multi-FI vendors, the endpoint URL and encryption certificate must remain static across all FI implementations. This enables Candescent to scale the connection efficiently.
Additional Notes
Please provide any additional information relevant to your integration:
[Your notes here]
Submission Instructions:
Please return this completed form to your assigned Candescent Integration PM.
Your PM will review the information and follow up with:
- Federation Registration metadata (optional)
- X509 Certificate for verifying SAML signatures
- Identity Provider Entity ID
- Access to test environment