This guide walks you through configuring Single Sign-On (SSO) between your custom SAML 2.0 identity provider (IdP) and RollCall.
Overview
By completing this setup, your users will be able to:
Log into RollCall using your organisation’s existing authentication system
Avoid managing separate passwords
Experience a secure and seamless login process
Before You Begin
Make sure you have:
Admin access to your Identity Provider (IdP)
Access to the RollCall SSO Setup Wizard
Your school’s RollCall domain (e.g.
schoolname.rollcall.com.au)Basic familiarity with SAML configuration
⚙️ Step-by-Step Configuration (Custom SAML)
Step 1 – Access Your Identity Provider
Log into your SAML Identity Provider admin console
Ensure you have permissions to create/manage applications
Step 2 – Create a New Application
Create a new SAML application / Service Provider integration
Name the application:
RollCall (recommended)
Step 3 – Configure Service Provider Details
Set the following values in your IdP:
| Field | Value |
|---|---|
| Entity ID | Your school’s unique identifier (e.g. bmgRollCallSSO) |
| ACS URL | https://konect-api-v2.rollcall.com.au/rollcall-sso/v1/acs/ |
| Binding | POST |
? These values identify RollCall as the Service Provider (SP).
Step 4 – Configure Attribute Mapping
Map the following attributes from your IdP:
| RollCall Attribute | Description |
|---|---|
| User’s email address (required) | |
| firstName | User’s first name |
| lastName | User’s last name |
| role | (Optional) User role if applicable |
? Important:
The email attribute is required and must match the user’s email in RollCall.
Step 5 – Export SAML Metadata
Export or download the SAML Metadata XML file
orCopy your Metadata URL (if available)
? This will be uploaded into RollCall.
Complete Setup in RollCall
Once your IdP is configured:
Open the RollCall SSO Setup Wizard
Upload or paste your metadata XML / URL
Confirm attribute mappings
Run a Test Login
Click Activate SSO
Testing the Integration
Before going live:
Use a test account
Confirm:
Successful login via your IdP
User is matched correctly in RollCall
❗ Troubleshooting Tips
| Issue | Likely Cause | Solution |
|---|---|---|
| Login fails | Incorrect ACS URL | Verify endpoint configuration |
| User not found | Email mismatch | Ensure IdP email matches RollCall |
| Missing user data | Attribute mapping incorrect | Check attribute configuration |
| Authentication error | Certificate/metadata issue | Re-upload metadata |
? Key Notes
RollCall uses email address as the primary identifier
SAML responses must include required attributes
SSO must be activated after successful testing
Each school’s configuration is secure and isolated
✅ Summary
By completing this setup:
Users log in via your custom identity provider
Authentication is handled securely via SAML 2.0
RollCall integrates seamlessly with your existing systems
Here to link to:
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article