| Info |
|---|
When using SSO your users along with the login credentials are all managed outside of risr/advance |
| Table of Contents |
|---|
SSO information
risr/advance can integrate with a customer’s SAML 2.0 single sign on. In this case users will authenticate through the customer’s identity provider (IdP) and not directly through risr/advance.
...
Alongside the session lifetime there is also session inactivity. The IdP sets a session inactivity time value per application that the user is authenticated for. Every time a user is actively using risr/advance they are making periodic requests to the server. If no activity occurs within risr/advance for the duration of the time period set as the session inactivity then the user will be logged out by the IdP.
...
How to setup SSO
Our metadata can be found at:
For our UK and EU customers: https://kaizenep.com/sp/shibboleth
For our Australian customers: https://au.kaizenep.com/sp/shibboleth
For our Canadian customers: https://ca.kaizenep.com/sp/shibboleth
...
Once we have validated the test login is successful we are ready to provide the SSO login link directly onto the live instance when it is appropriate to do so.
Login page
Once SSO is enabled it is possible to choose whether to allow users to login through:
SSO only
SSO and/or local credentials
| Info |
|---|
It may be important to retain the option to login through local credentials if you need to allow access to external users who do not have accounts with your SSO provider. |
The login screen will display login options according to the option you choose. The text shown on these login buttons can be customised.
...
| Note |
|---|
A user must be assigned their specific SSO ID login credential for the SSO login process to function |