Single sign-on
In order to set up single sign-on (SSO), the previously created enterprise application needs to be updated.
Prerequisites (provided by Datafisher):
Metadata URL/Identifier/Entity IDReply URL
Results (to be provided to Datafisher):
App Federation Metadata Url
Set up SAML parameters
First,
- find the application from the enterprise applications list,
- open
Manage→Single sign-on, - select
SAMLas the sign-on method.
Next, under Basic SAML Configuration click Edit.
Next, click on Add identifier and Add reply URL.
Next, enter the provided Metadata URL / Identifier / Entity ID and Reply URL into the relevant fields and click Save. Those values should have been provided to you by Datafisher.
The Employee ID claim
Next, under Attributes & Claims click Edit.
Next, select Add new claim.
Next,
- enter
employeeIdas theName, user.employeeid(or whichever attribute that contains the employee ID for your company) as theSource Attribute,- click
Save.
Metadata URL
Next, under SAML Certificates the App Federation Metadata Url is displayed. It must be sent to Datafisher in order to complete SSO setup on the
Assignment
Finally, signing in via the application should be made available for everyone in the tenant by
- going to
Manage→Properties, - changing
Assignment RequiredtoNo, - clicking
Save.
Alternatively, only selected users or user groups could be provided access to the application (not recommended) by going to Manage → Users and groups and configuring the settings as needed.
The
Testing
Once the App Federation Metadata Url has been provided to Datafisher and