Introduction
A user guide is also known as a user manual, that helps you to assist in using a particular product, service, or application. This guide can be a written document associated with related images or screenshots.
| Table of Contents |
|---|
Overview
The Single Sign-On (SSO) solution allows users to get one-click secure access to multiple on-premise and cloud-based applications using a single username and password. The core benefit of SSO is it helps you log in seamlessly. It is also known as an authentication scheme that allows you to log in with a single ID to any of several related, independently. Further, these tools enable you to access multiple applications and services by using one set of credentials. You are allowed to access a variety of platforms and apps without login in every time. Single sign-on gives you the freedom to reduce the efforts of reducing the necessity to remember the multiple passwords. SSO allows you to access all the integrated apps by providing a pop-up widget or login page with just one password. It eventually helps you to get a hassle-free solution for login into multiple applications.
SSO is based on the concept of federation ID. It shares identity attributes between trusted and autonomous systems. When you are trusted by the system, you can access it automatically, it will also be granted to all other users who have established a trust relationship with you. It forms the basis for modern SSO solutions made possible by protocols such as OpenID Connect and SAML 2.0. Sapper uses SAML v2.0 for conducting the SSO process.
How to use SSO on Sapper 3.0
The SSO process for Sapper 3.0 is associated with multiple steps. Those are mentioned below.
Click on My Account from the sapper home page
2. Once you open the My Account page you will get an option for the application.
3. Click on the application tab and you will get the option for “Security admin console”.
4. Once you click on the security admin console you will be redirected to a new tab. There you will get 2 options Clients and Identity providers.
5. Click on the “Identity provider" and the tab will be open on the screen.
6. From the “Add Provider” dropdown field you need to add the required provider.
7. Click on the dropdown option, and select the required provider. Here we have selected SAML v2.0 as a provider.
8. Once you select the provider, you will be redirected to the Add identity provider page.
9. Fill out the form by providing the name of the “Alias”. it is a part of “Redirect URI”. It’s required for configuring the SAML provider in Sapper.
10. To configure the flow, you need to select the “First Login Flow”, from the dropdown. You will get the option for Browser, Direct Grant, Reset credentials, First Broker Login, Docker Auth, and HTTP Challenger. Here we have selected “First Broker Login”, you can select the required one based on your requirements.
11. Select the “Sync Mode” from the dropdown list. You will get the option for Import, Legacy, and Force. Here we have selected the “Import” option to complete the synchronization.
12. Now to create SAML for the configuration you need to provide the “Service provider entity ID”, in the SAML Config field.
13. Select the policy format from the “NameID Policy Format” field. You will get the option in a dropdown and select the required one. Here we have selected persistent as a policy format.
14. Now select the type of principal from the “Principal Type”. Select the required one from the dropdown option. Here we have selected “Subject NameID” as a principal type.
15. Enable the “Allow Create” field for providing configuration access.
16. The next field is associated with providing authentication. Select the comparison to complete the authentication from the “Requested AuthnContext Constraints” field. You can select the required “Comparison” from the dropdown list. You will get the option of Exact, Minimum, Maximum, and Better. Here we have selected Exact, you can select based on your requirements.
17. You can import the metadata from the Sapper SAML provider. It can be done from the “Import External IDP config” field. You can import the metadata by providing an import location URL, or by selecting a file from the device, from the “Import from File” field.
18. Now, click on “Save” to complete the configuration.
