Enabling SAML Based Single Sign On (SSO)

 

 

SAML-based single sign on (SSO) gives members access to DvSum through an identity provider (IDP) of your choice.

Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials to access multiple applications. SSO is used by enterprises and individuals to ease the management of various usernames and passwords.

DvSum enables you to secure your account by providing Web SSO capabilities based on popular standards such as SAML-based identity provider, allowing your enterprise user directory or third-party IdP to secure your applications via standards-based security tokens.

Many providers we work with are as under:

  • ADFS
  • Microsoft Azure
  • Okta
  • OneLogin

Lets get started the steps involved in setting up and enabling Single Sign-on

Step 1 Login to your Owner account. Administration tab > Manage account > SSO

mceclip0.png

Step 2 Click on Add IDP button and user will be navigated to below form

mceclip1.png

Step 3 Download SP Metadata file and configure with your IDP (Link attached below for configuring OKTA, Azure IDP)

Step 4 Fill the form with all the required fields 

mceclip2.png

Provider Name Give a unique provider name in case you have multiple IDP's. Name cannot be updated once configured. Provider Name can only be alphanumeric and must be 3 to 32 characters long and must start with alphabets and cannot have special characters or spaces.
Identifier This is your company's domain name e.g dvsum.com.
Attributes Please find the attributes information in your idp's metadata and map the attributes to dvsum SAML attributes.

Step 5 Click on Save button and user will be navigated to IDP Listing page

mceclip3.png

As soon atleast one IDP is added, Single Sign-on button can be enabled /disabled

Step 6 As soon User clicks on SSO Toggle button, User will be prompted with the following image

mceclip4.png

On clicking OK button, SSO will be enabled in Test Mode

mceclip5.png

An email will be sent to all Admins informing them of this change

mceclip6.png

Note: Single Sign-on in Test mode will only be applicable for all Admins only. They can test their login using corporate email id or using basic authentication credentials. This change will not impact Super users, Users and they will continue to login using basic authentication.

 

Step 7 Once Admin verifies SSO corporate login in Test mode, he can enable SSO in Live mode

When you make Single Sign-on live, all active users of DvSum will be required to use their SSO credentials to sign-in. Their existing DvSum passwords will be deleted. An email notification will be sent to all the active users of DvSum.

mceclip0.png

An email will also be sent to all active users and they will not be able to login using Basic authentication

mceclip1.png

 

Step 8 If Owner again turns off the SSO configuration from Manage account, again email will be sent to all users.

NOTE: When Single Sign-on is disabled, all users will be authenticated by Basic Authentication process which will involve setting up a password. An Email will be sent to all active users notifying them of this change and a unique temporary password so that they can keep using DvSum application. They will be required to change it when they login.

mceclip2.png

mceclip3.png

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk