Enabling SAML-Based Single Sign-On (SSO)

 

Overview

SAML-based single sign on (SSO) gives members access to DvSum through an identity provider (IdP) of your choice.

SSO, or Single Sign-On, is a service for session and user authentication. It enables users to use a single set of login credentials to access multiple applications. This simplifies the management of various usernames and passwords for both enterprises and individuals.

DvSum enables you to secure your account by providing Web SSO capabilities based on popular standards such as SAML-based identity provider, allowing your enterprise user directory or third-party IdP to secure your applications via standards-based security tokens.

Certified identity providers:

  • ADFS
  • Microsoft Azure
  • Okta
  • OneLogin

Detailed Steps

Step 1 Log in to your Owner account ➔ Go to the Administration tab ➔ Select Manage Account ➔ Click on SSO.

mceclip0.png

Step 2 Click the button "Add Identity Provider" to navigate to the following form.

mceclip1.png

Step 3 Download the DvSum SP Metadata file and configure your IdP to add DvSum as an application.

(If using Okta, refer to this article: Configure SAML for Okta.)

Step 4 Fill the form with all the required fields.

mceclip2.png

  • Provider Name - Give a unique provider name in case you have multiple IdP's. The Provider Name cannot be updated once configured. Provider Name can only be alphanumeric and must be 3 to 32 characters long and must start with a letter and cannot have special characters or spaces.
  • Identifier - This is your company's domain name, e.g. mycompany.com.
  • IdP Metadata - This is the metadata information from your Identity Provider. You can either provide a url, or you can upload a local copy of the metadata file.
  • Attributes - DvSum requires one attribute:

Step 5 Click Save. You will be directed to the IdP Listing page.

mceclip3.png

When at least one IdP is added, the Single Sign-on button can be enabled/disabled.

Step 6 When a user enables the SSO Toggle button, he will be prompted with a confirmation:

mceclip4.png

After clicking OK, SSO will be enabled in Test Mode.

mceclip5.png

All administrators will receive an email notification informing them of this change.

mceclip6.png

Note: In Test mode, Single Sign-On will exclusively apply to all administrators. They have the option to test their login using either the corporate email ID or basic authentication credentials. This adjustment will not affect Super users or regular Users, and they will continue to log in using basic authentication.

 

Step 7 After the Admin successfully verifies the SSO corporate login in Test mode, they can proceed to enable SSO in Live mode.

When you make Single Sign-on live, all active users of DvSum will be required to use their SSO credentials to sign-in. Their existing DvSum passwords will be deleted. An email notification will be sent to all the active users of DvSum.

mceclip0.png

An email will also be sent to all active users and they will not be able to login using Basic authentication

mceclip1.png

 

Step 8 If Owner again turns off the SSO configuration from Manage account, again email will be sent to all users.

Note: When Single Sign-On is disabled, all users will be authenticated by the Basic Authentication process, requiring them to set up a password. An email will be sent to all active users, notifying them of this change and providing a unique temporary password so they can continue using the DvSum application. Users will be required to change this password upon their next login.

mceclip2.png

mceclip3.png

 

SAML Configuration to Okta: 
Please use following link to configure SAML integration for your Okta application. 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk