Changes

Configuration below is for SSO Login within the client's SmartSimple production instance.  

A. SSO Configuration</br> 1. Navigate to '''Global Settings''' → '''Integrations''' tab → '''Single Sign-On''' section</br> 2. Click on the “+” icon to create a new SSO configuration on the instance</br> 3. Fill out the mandatory fields:< '''SSO Alias''': '''''SAML2''''' (default alias for production instance) '''Signing Certificate (X.509)''': cut and paste the x509 certificate after configuration of the client's Identity Provider '''Timestamp Time Zone''': '''''--UTC/GMT--''''' (default from the dropdown) '''MES Group Identifier''': '''''SSOProd''''' (free text field) '''MES Environment Identifier''': '''''alias.smartsimple.com''''' (client's url production instance) '''Method''': '''''Identity Provider-initiated''''' (default setting) '''Identity Provider Service Endpoint''': this is the url login redirect. For Azure, the value in "'''''User Access URL'''''" (Found under "Properties") For OKTA, the value in "'''''Embed Link'''''" (Found under "General" tab in the "App Embed Link" Section) For ADFS the redirect is https://adfs.yourlocaldomain.com/adfs/ls/idpinitiatedsignon.aspx?loginToRp=https://alias.smartsimple.com/br>

'''SSO Alias''': '''''SAML2''''' (default alias for production instance)</br>'''Signing Certificate (X.509)''': cut and paste the x509 certificate after configuration of the client's Identity Provider</br>'''Timestamp Time Zone''': '''''--UTC/GMT--''''' (default from the dropdown)</br>'''MES Group Identifier''': '''''SSOProd''''' (free text field)</br>'''MES Environment Identifier''': '''''alias.smartsimple.com''''' (client's url production instance)</br>'''Method''': '''''Identity Provider-initiated''''' (default setting)</br>'''Identity Provider Service Endpoint''': this is the url login redirect. </br> - For Azure, the value in "'''''User Access URL'''''" (Found under "Properties") </br> - For OKTA, the value in "'''''Embed Link'''''" (Found under "General" tab in the "App Embed Link" Section)</br> - For ADFS the redirect is https://adfs.yourlocaldomain.com/adfs/ls/idpinitiatedsignon.aspx?loginToRp=https://alias.smartsimple.com/</br>'''Unique Identifier FIeld (UID)''': from the dropdown, select '''''*E-Mail''''' (Default value but it can also be the Employee ID or any unique identifier in the user profile)</br>'''Bypass Multi-Factor Authentication (MFA)''': enabled</br>4. Click Save</br>B. Login Page Configuration</br>1. Navigate to '''Global Settings''' → '''Branding''' tab → '''Login Pages''' section</br>2. From the '''Primary''' tab, click on the pencil icon for the first item on the list view - the default Login Page</br>3. From the '''General''' tab, go to the '''Single Sign-On''' section and complete the two fields</br>'''MES Group Identifier''': from the dropdown, select '''''SSOProd'''''</br>'''Link Label''': '''''Employee Login''''' (free text field)</br>4. Click Save</br>

[[File:SSO_Login4.png|thumb|none|300px|SSO User Creation SettingsClick Save B.]]Login Page Configuration

===Configuration 2. From the '''Primary''' tab, click on the pencil icon for multithe first item on the list view -environment SSO===the default Login Page

===Configuration for 3. From the '''General''' tab, go to the '''Single Sign-On''' section and complete the two IdP within production instance===fields'''MES Group Identifier''': from the dropdown, select '''''SSOProd''''''''Link Label''': '''''Employee Login''''' (free text field)