Stellar moved there SAML setups to a new type and we need to update the information we have to work with there new process, luckly its mainly the same setup as we did before.
Process
1. Open the form they have online I am opening this Vendor Intake Form on this page
https://marketing.stellarmls.com/acton/rif/39752/s-084f-2412/-/l-044f:29/l-044f/showPreparedMessage?utm_term=Bct&utm_campaign=Urgent%20Action%20Required%3A%20New%20SSO%20Platform%20Integration&utm_content=email&utm_source=Act-On+Software&utm_medium=email&cm_mmc=Act-On%20Software-_-email-_-Urgent%20Action%20Required%3A%20New%20SSO%20Platform%20Integration-_-Bct&sid=TV2:vYE8U3jao
2. Fill in all the fields with the required data
Application Name - GrowthZone (FCAR) - Update FCAR with the whatever the client is currently using for there Service Provider Acronym
Submitter's First and Last Name - Your First and Last Name
Submitter's Email - websupport@growthzone.com
Is this submission for a staging or production environment? - Production
Do you have a staging environment? - Other
Details - We have a staging environment but not for this specific customer. So, ids would not line up.
Description - GrowthZone software is a powerful tool to grow membership, productivity, and member engagement.
Home Page URL - https://www.growthzone.com/
Sign-On URL - {customers domain}/MIC/SamlLogin?returnUrl=/MIC/Link/InfoHub - eximple of a customers domain is https://flaglercountyassociationofrealtors1.growthzoneapp.com
Application Type - SAML2
ACS URLs -
https://growthzoneapp.com/auth/saml/assertion
https://growthzoneapp.com/MIC/saml/assertion
Encryption - AES_256
Entity ID - spGrowthZonePingFCAR - Update FCAR with the whatever the client is currently using for there Service Provider Acronym
SLO Endpoint - https://growthzoneapp.com/auth/saml/logout
SLO Response Endpoint - EMPTY
SLO Window - 2 hours
SLO Binding - HTTP Post
Subject NameID Format - urn:oasis:names:tc:SAML:1.1:nameidformat:emailAddress
Assertion Validity Duration - 60
Target Application URL - The Customers domain so an exaimple would be https://flaglercountyassociationofrealtors1.growthzoneapp.com
Enforce Signed AuthnRequest - No
Do you have security Controls In place? - Yes
List any third party security certifications you have, such as SOC2, ISO, PCI. - We do not currently hold formal certifications for PCI DSS or SOC 2. GrowthZone uses industry best practices and standards based on PCI DSS 4.0 and SOC 2 guidelines.
Do you have an incident response plan to notify partners? - Yes
Upload a Blank Document for the Incident Response Plan, we have an agreement with them on this already.
I recommend that you record what you create for the Entity ID as you will need to create a new SAML Identity Providers using this information in a day or 2.
Once you submit the form Stellar should email us a metadata file with a bunch of information in a day or 2 the email should got to websupport@growthZone.com so it should make a new ticket.
With this ticket you should be able to update the customer with a new SAML IDP using the steps outlined in the normal SAML update process.
Once this is done update the Jira Here
https://micronetonline.atlassian.net/browse/GZ-57160
with the information that it was completed
This is the list of customers to update
1623 WEST VOLUSIA ASSOCIATION OF RE - I have filed out the form and sent the information over
spGrowthZonePingWVAR
StellarMLS (WVAR)
2114 East Polk County Association of Realtors®
2137 REALTORS® ASSOCIATION OF LAKE
2182 Gainesville-Alachua County Association of REALTORS®
2220 Englewood Area Board of REALTORS®
2601 Lakeland REALTORS®