Support

Knowledge Base  /  Frequently Asked Questions  /  RoomAlert.com

How To Configure SAML Single-Sign-On In Your RoomAlert.com Account

If your organization’s Room Alert Account has been upgraded to the Enterprise level or higher, you may configure the account for SAML Single-Sign-On (SSO). Along with mitigating password-related security risks, enabling SAML SSO gives you the ease of managing users through your own centralized user management system.

Any administrator or provisioner* can enable or disable SAML SSO in RoomAlert.com. This is a global account setting, meaning that when it’s enabled, all users on the account must use SAML authentication; users can no longer log in with a password. *For more information, please see the “Types of user roles” section of our FAQ, How To Manage User Access To Your RoomAlert.com Account.

In order to set up SAML Login for Room Alert Account, you will need to configure settings with both RoomAlert.com and your Identity Provider (IdP).

Select the tabs below for more information.

How To Configure SAML SSO

Step 1: Initiate the SAML Login Configuration in Room Alert Account.

  1. Log in to your account at RoomAlert.com.
    • In order to configure SAML settings, you must log in as an administrator or provisioner.
  2. In the navigation bar to the left, select your organization name (or account name).
  3. Then select Manage Account.
  4. In the Manage Account page, select SAML Login.
  5. Then select Configure…
  6. The SAML Login Configuration form will load.
  7. Keep this form open as you go through the next steps.

Step 2: Begin configuring setting on your IdP’s side.

Depending on your Identity Provider (IdP), the names of required fields will vary.

  1. In a separate browser tab, go to your IdP’s settings.
  2. Create a new application for Room Alert Account within your IdP.
  3. Once the application is created, you can copy & paste each of the URLs from RoomAlert.com into your IdP:

Entity ID URL

https://account.roomalert.com/auth/saml/meta/example

Assertion Consumer Service URL

https://account.roomalert.com/auth/saml/acs/example

Single Sign Off Service URL

https://account.roomalert.com/auth/saml/logout/example

  1. Alternatively, you may use the metadata XML to automatically import these settings, rather than manually copying & pasting them.

Metadata XML URL

https://account.roomalert.com/auth/saml/meta/example

Step 3: Configure the attributes to be passed to Room Alert Account upon login.

Create assertions in your IdP for each of the required attributes.

  1. First, define or specify a unique identifier for each user (aka NameID).
    • This can be any identifier that is unique to the user within the context of this service. Ideally, this should be a field that doesn’t change.
    • If your identity provider provides the option, set the NameID Format to “persistent.”
  2. Next, configure the following attributes for each user:

First Name attribute

account.roomalert.com.givenname

Last Name attribute

account.roomalert.com.surname

Email attribute

account.roomalert.com.emailaddress

  1. Assign each user to your IdP’s new Room Alert Account application.

Step 4: Finish configuring settings in Room Alert Account.

  1. Return to the RoomAlert.com browser tab.
  2. Select the Edit button at the bottom of the form.
  3. Then enter the following settings:
    • In Identity Provider Entity ID, copy & paste the identifier from your IdP.
    • In Identity Provider Login URL, copy & paste the URL from your IdP.
    • In Identity Provider Certificate, copy & paste the certificate from your IdP.
      • To do this, first download the certificate (in PEM Base64 format) from your IdP. Open it in a text editor program, such as Notepad, and copy the certificate from there.
  4. Once you’ve entered your information into the form, select Save Changes.

Saving these changes does NOT enable SAML SSO for the account. That’s done in a later step.

  1. Then use the Test button to check that the SAML configuration works as expected.
  2. If the test is successful, you’ll see a confirmation message.
  3. Confirm that the message contains the correct information for the user you’re currently logged in as. Then select Continue to return to the SAML Login Configuration form.
  4. You can now enable SAML SSO on the account.
How To Enable SAML SSO

Please follow these instructions to enable SAML SSO for your organization’s Room Alert Account:

Before you begin, you must have successfully tested your SAML configuration. For instructions, please see the How To Configure SAML Login tab.

  1. Select Enable the bottom of the SAML Login Configuration form.
  2. Then in the confirmation box, select Enable SAML.

    Selecting this button will do the following:
    • Log out any users currently signed into the account.
    • Delete the passwords of any users on the account. While SAML is enabled, all users must log in via SAML SSO.
  3. You might see a message like this:
    • Users assigned to a SAML-enabled RoomAlert.com account cannot be assigned to multiple accounts. Before you can enable SAML, you must either remove these users from your account, or ask them to remove themselves from their other account(s).
    • After these users are removed, return to the form to enable SAML.
  4. Once SAML is enabled, you may add new users to your Room Alert Account through your identity provider’s user management system.
How To Disable, Edit & Delete Your SAML Configuration

In order to edit, test, or delete your SAML configuration, you must first disable SAML on the account. To do this, please follow these steps:

  1. First select the Disable button.
  2. In the confirmation box, please read the message about user passwords, and then select Disable SAML.
  1. Once SAML has been disabled, the Edit, Test and Delete buttons become available.
    • If you edit your SAML configuration, you’ll need to perform a successful test again before you can re-enable SAML.
    • If you delete your SAML configuration, you’ll see a confirmation dialog box. Select Confirm to complete the process.
What happens if your account upgrade lapses?

SAML Single-Sign-On is an Enterprise+ level feature at RoomAlert.com. If your organization’s account has SAML SSO enabled, and the account’s upgrade expires or is downgraded, SAML SSO will automatically get disabled.

This means that all users on the account will get set back to password authentication. Because their passwords were deleted at the time of enabling SAML, these users will now need to create new passwords with Room Alert Account’s Forgot Password? feature.

Even though SAML is disabled, the configuration is still saved in your account.

  • If you choose to upgrade your account again, you may re-enable SAML SSO without having to re-enter your settings.
  • If you do not wish to upgrade your account, you may contact AVTECH Tech Support to delete the SAML settings if desired.

Avoid the hassle of expired account upgrades—talk to your organization’s Product Specialist about Lifetime Room Alert Account.

Logging in to a SAML-enabled account

  • The first time a user logs in to a SAML-enabled Room Alert Account, they must do so through their IdP’s portal.
    • Alternatively, an administrator or provisioner on the account can share a login URL with the new user. To get the login URL, copy the Single Sign Off Service URL from RoomAlert.com and change the word “logout” to “login” as shown below.
  • After the initial login, the user will be able to log in through either RoomAlert.com or their IdP’s portal going forward.
Facebooktwitterredditpinterestlinkedinmail
Room Alert is Made in the USA, ships worldwide from our locations in the US and EU, and has been protecting facilities since 1988.

You may find Windows Command Prompt at the following path:

  • Windows 7 & 8
    Start--> All Programs--> Accessories--> Command Prompt
  • Windows 10
    Start--> All Apps--> Windows System--> Command Prompt

To run Windows Command Prompt as an administrator:

  • Windows 7 & 8
    Right-click on Command Prompt and select Run as administrator.
  • Windows 10
    Right-click on Command Prompt, select More and then select Run as administrator.

Example Polling Method Properties saved in Orion SolarWinds:

If you are using this client, you should configure the general SNMPv3 Credentials, but leave the Read / Write SNMPv3 Credentials section blank.

Room Alert Link- Supported Firmware Updates



Current S modelsCurrent E models
Room Alert 32SRoom Alert 32E
Room Alert 12SRoom Alert 12E
Room Alert 4E
Room Alert 3E

Room Alert Manager - Compatible Devices

The latest version of Room Alert Manager supports only the devices below.

It does not support any legacy Room Alert or TemPageR models.

Current S modelsCurrent E models
Room Alert 32SRoom Alert 32E
Room Alert 12SRoom Alert 12E
Room Alert 3SRoom Alert 4E
Room Alert 3E
Room Alert 3W