This guide walks you through what we need from you to connect your career center to Personify when Personify is your identity provider (IdP), where to get it, and why each piece matters. Once we have the information, we handle the technical setup on our side.
Association admins who use Personify as their association management system and want members to sign in to the career center (or another integrated product) using their Personify login.
<aside> 💡
Quick answer — Send us your Entity ID, SSO URL (Single Sign-On URL), and IdP signing certificate (x509). Optionally, Logout URL if Personify supports single logout. You get these from Personify's SAML/federation or SSO settings (or from Personify support). We'll give you our ACS URL and Entity ID (or full SP metadata) so you can register our application in Personify. We handle the rest.
</aside>
When a member clicks to sign in from your career center:
To make that handoff work, we need to configure our system with Personify's IdP details, and Personify must be configured to trust our application (using the ACS URL and Entity ID we provide).
Send us these. Personify may expose them in an admin screen (SAML/federation or SSO settings), in an IdP metadata file/URL, or via their support team.
| What we need | Where to get it | Why we need it |
|---|---|---|
| Entity ID (Issuer) | In Personify's SAML/IdP or federation settings. Often a URI like https://yoursite.personify.com/saml or similar. Sometimes found in IdP metadata as entityID. |
Uniquely identifies your Personify IdP so we send the login request to the right place and validate responses. |
| SSO URL (Single Sign-On URL) | In Personify's SAML/IdP or federation settings. The URL where we send the user to log in (e.g. https://yoursite.personify.com/saml/sso). In IdP metadata it's the SingleSignOnService location. |
This is where we redirect the member so they can enter their Personify credentials. |
| IdP signing certificate (x509) | In Personify's SAML/IdP or federation settings, often as a download or copy-paste. In IdP metadata it's inside <X509Certificate>. |
We use it to verify that the login response really came from your Personify instance and wasn't tampered with. |
| Logout URL (optional) | If Personify supports single logout (SLO), this is the URL where we send logout requests. In IdP metadata it may appear as SingleLogoutService. |
Optional; enables single logout so signing out of the career center can also sign the user out of Personify (if supported). |
What we give you — We'll provide our ACS URL (Assertion Consumer Service URL) and our Entity ID (or a full SP metadata URL). You (or Personify support) must register our application in Personify with that ACS URL and Entity ID so Personify knows where to send the login response. If Personify accepts a metadata URL, we can share that so they can pull our settings automatically.