Overview of SSO
Path: Community Settings >> Security >> Single Signon Settings
When we have SSO enabled and added to the community, these are the global settings we can customize for the SSO. This section is a part of Advanced settings.
Toggle the switch to Advanced from any part of the community settings to access the SSO.
SSO General Settings:
Remove Sync groups when groups are empty: This will remove any groups that have no members assigned to them.
Redirect to SSO Login Automatically: When you have this setting enabled, the SSO enabled community will be automatically redirected to the SSO login page.
Login Redirection Delay (in seconds): This helps you to setup a delay in redirection to the SSO Login page. The Login Redirection Delay value must be greater than 0 and the default value is 5.
Ideascale Email/ Password Login: Allows users to have a login option with Ideascale credentials along with the option to login via SSO.
Allow members/persons to change username: Enabling this setting allows an SSO community members to change their username from what has been already passed via SSO.
Remember Me: Enabling this will remember the members that have logged in via SSO.
Groups Allowed for Ideascale Email/Password Login: You can restrict the groups that can login via Ideascale Email/Password.
Enable Community Sign Up: This option will only be visible when we have Ideascale Email/Password login enabled. This will allow new members to sign up or register to the community.
Groups Not Allowed for Ideascale Email/Password Login: We can assign groups that should be restricted from using the Ideascale Email/Password to login to the community.
What is Single Sign-On and why should I use it?
Single Sign-On (SSO) is a popular method of integrating your site's user details with IdeaScale's authentication system. The benefit to configuring SSO is that it alleviates the user's need to log into IdeaScale with another set of credentials. With SSO employed, access to the IdeaScale community is predetermined by the user's access to your intranet. SSO removes the login process--which many community admins feel is a significant barrier to participation!
For more details about SSO, click here
What kinds of Single Sign-On does IdeaScale support?
SAML (Security Assertion Markup Language) is an XML-based standard for exchanging authentication and authorization data between an identity provider (IdP) such as Okta, and a service provider (SP) for IdeaScale SSO integrations, the IdeaScale community is the Service Provider.
Learn more here!
Multipass authentication is a single sign on authentication strategy to allow you to share your user authentication with your site
Encrypted token that is passed on in the URL or as a parameter in a post form
Yammer is a social networking service used for private communication within organizations.
Learn more here!
Please Note: Configuring multiple IDP SSO in the community will not apply all at the same time. Yammer and SAML SSO do not work together. In case you have SAML and Yammer SSO set up, only Yammer SSO will appear during logins.
Azure AD allows determining who has access to IdeaScale
It helps to manage your accounts in one central location - the Azure portal
Learn more here.