Changes

Single Sign-On

23 bytes added, 18:00, 23 January 2023
SmartSimple SSO configuration as the Service Provider
====SmartSimple SSO configuration as the Service Provider====
'''A. SSO Configuration'''
1. Navigate to '''Global Settings''' → '''Integrations''' tab → '''Single Sign-On''' section
3. Fill out the mandatory fields:
: '''SSO Alias''': '''''SAML2''''' (default alias for production instance) : '''Signing Certificate (X.509)''': cut and paste the x509 certificate after configuration of the client's Identity Provider : '''Timestamp Time Zone''': '''''--UTC/GMT--''''' (default from the dropdown) : '''MES Group Identifier''': '''''SSOProd''''' (free text field) : '''MES Environment Identifier''': '''''alias.smartsimple.com''''' (client's url production instance) : '''Method''': '''''Identity Provider-initiated''''' (default setting) : '''Identity Provider Service Endpoint''': this is the url login redirect. :: For Azure, the value in "'''''User Access URL'''''" (Found under "Properties") ::: For OKTA, the value in "'''''Embed Link'''''" (Found under "General" tab in the "App Embed Link" Section) :::: For ADFS , the redirect is https://adfs.yourlocaldomain.com/adfs/ls/idpinitiatedsignon.aspx?loginToRp=https://alias.smartsimple.com/ :::: '''Unique Identifier FIeld (UID)''': from the dropdown, select '''''*E-Mail''''' (Default value but it can also be the Employee ID or any unique identifier in the user profile) :::: '''Bypass Multi-Factor Authentication (MFA)''': enabled::: 4. Click Save
4. Click Save
'''B. Login Page Configuration'''
1. Navigate to '''Global Settings''' → '''Branding''' tab → '''Login Pages''' section
3. From the '''General''' tab, go to the '''Single Sign-On''' section and complete the two fields
'''MES Group Identifier''': from the dropdown, select '''''SSOProd'''''
'''Link Label''': '''''Employee Login''''' (free text field)
:::: '''MES Group Identifier''': from the dropdown, select '''''SSOProd'''''
:::: '''Link Label''': '''''Employee Login''''' (free text field)
:::
4. Click Save
 
Upon logout, the SSO button will be visible below the the username/password.
 
[[File:SSO_Login.png|thumb|none|300px|SSO User Creation Settings.]]
Smartstaff
1,385
edits