SAML-based single sign on (SSO) gives members access to DvSum through an identity provider (IDP) of your choice.
Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials to access multiple applications. SSO is used by enterprises and individuals to ease the management of various usernames and passwords.
DvSum enables you to secure your account by providing Web SSO capabilities based on popular standards such as SAML-based identity provider, allowing your enterprise user directory or third-party IdP to secure your applications via standards-based security tokens.
Many providers we work with are as under:
- ADFS
- Microsoft Azure
- Okta
- OneLogin
Lets get started the steps involved in setting up and enabling Single Sign-on
Step 1 Login to your Owner account. Administration tab > Manage account > SSO
Step 2 Click on Add IDP button and user will be navigated to below form
Step 3 Download SP Metadata file and configure with your IDP (Link attached below for configuring OKTA, Azure IDP)
Step 4 Fill the form with all the required fields
Provider Name Give a unique provider name in case you have multiple IDP's. Name cannot be updated once configured. Provider Name can only be alphanumeric and must be 3 to 32 characters long and must start with alphabets and cannot have special characters or spaces.
Identifier This is your company's domain name e.g dvsum.com.
Attributes Please find the attributes information in your idp's metadata and map the attributes to dvsum SAML attributes.
Step 5 Click on Save button and user will be navigated to IDP Listing page
As soon atleast one IDP is added, Single Sign-on button can be enabled /disabled
Step 6 As soon User clicks on SSO Toggle button, User will be prompted with the following image
On clicking OK button, SSO will be enabled in Test Mode
An email will be sent to all Admins informing them of this change
Note: Single Sign-on in Test mode will only be applicable for all Admins only. They can test their login using corporate email id or using basic authentication credentials. This change will not impact Super users, Users and they will continue to login using basic authentication.
Step 7 Once Admin verifies SSO corporate login in Test mode, he can enable SSO in Live mode
When you make Single Sign-on live, all active users of DvSum will be required to use their SSO credentials to sign-in. Their existing DvSum passwords will be deleted. An email notification will be sent to all the active users of DvSum.
An email will also be sent to all active users and they will not be able to login using Basic authentication
Step 8 If Owner again turns off the SSO configuration from Manage account, again email will be sent to all users.
NOTE: When Single Sign-on is disabled, all users will be authenticated by Basic Authentication process which will involve setting up a password. An Email will be sent to all active users notifying them of this change and a unique temporary password so that they can keep using DvSum application. They will be required to change it when they login.
SAML Configuration to Okta:
Please use following link to configure SAML integration for your Okta application.
0 Comments